From the course: DevSecOps: Automated Security Testing
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
XSS attack automation refactoring
From the course: DevSecOps: Automated Security Testing
XSS attack automation refactoring
- [Instructor] Arachni ships with a lot of other checks. In our previous scenario, we were just using the basic cross side scripting check and only on our login page and it didn't find anything wrong with the site. However, as you know, GreeA is a vulnerable application and it does indeed have cross side scripting inside it. Let's set up a second scenario to do a more thorough job of testing the login page. We will still be using the same attack file. Let's reopen attacks slash XSS slash XSS dot attack. I'm opening opening up in vim my ID. Now, I don't want to change our previous scenario. However, let's add a second scenario. I've just copied my original scenario and pasting it below. Since this is a new scenario, let's rename the scenario to this. Do a full XSS check and verify no issues are found against the login page. Okay, let's rename our scenario to this. Do a full check for cross side scripting and verify no issues are found in the login page. It's still mostly the same but…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.