By Jason Haddix, Aug 30, 2016

Big Bugs | Episode 5: Big XSS – Not an Oxymoron

Over the past 10+ years, Cross-Site Scripting has made its way into just about every "top-ten vulnerability" list and has consistently starred in headlines and POCs. XSS vulnerabilities are also commonly submitted through bug bounty programs, and many write them off as "low-hanging fruit." We're here to tell you that not all XSS are created equal.

This episode of Big Bugs examines the reasons we're experiencing XSS fatigue, some examples of high-impact XSS bugs found in the wild, and resources for defenders and offenders.

Resources Mentioned in this Episode:

Browser Exploitation Framework, a.k.a. BeEF
Bugcrowd VRT
Bug Hunter's Methodology Slideshow – given originally at DEF CON 23
XSS Polyglots (Slides 25 – 33)
Multi-context, filter-bypass-based polyglot payload #1 (RSnake XSS Cheat Sheet)
Multi-context, filter-bypass-based polyglot payload #2 (Ashar Javed XSS Research)
Multi-context polyglot payload (Mathias Karlsson)
http://polyglot.innerht.ml/
Unleashing an Ultimate XSS Polyglot – Hack Vault
Fuzzing payloads with SecLists, compiled by myself and Daniel Miessler
Sleepy Puppy – helps identify Blind XSS

Other Useful Resources:

https://www.bishopfox.com/blog/2015/08/coldfusion-bomb-a-chain-reaction-from-xss-to-rce/
http://maustin.net/hipchat_rce/
https://oreoshake.github.io/xss/rce/bugbounty/2015/09/08/xss-to-rce.html
http://brutelogic.com.br/blog/cheat-sheet/

Have questions for me? Continue the discussion on our forum and subscribe below to get monthly episodes of this podcast. You can also subscribe to the Bugcrowd podcast RSS feed and find us on iTunes.

Jason Haddix was VP of Researcher Growth at Bugcrowd.