Xssy is a new (at least for me) platform, developed and maintained by https://github.com/paj28 and packed with free content from the growing community they are building.

The Platform

As the name states, Xssy hosts a range of XSS challenges in a CTF format. Users are given a vulnerable page and a goal, 99% being “leak…
Initial finding

Disclaimer: This information was found during a pen-test on a client. For that reason, my explanations and examples will be very vague and contain no sensitive information relative to the target, but it will be kept close to the actual finding. If you’re not sure what XXE is, please refer to OWASP’s wiki…