You need to configure the proxy and install the required Burp Suite Certificate to successfully inspect the traffic to your target, steps - here. Let’s take a look at my process →įor privacy purposes, let’s call my target “” After messing with a few target domains, I found one domain where there was an XSS vulnerability present. Now it’s time for the actual bug bounty write-up →Īfter having ample knowledge about the aforementioned topics, I went to search for some targets on openbugbounty. You can download the Reflector plugin from here, which will be required for hunting down our XSS vulnerabilities. You can download it from here, or from SNGWN’s GitHub (to activate Burp Pro).
Burp Suite is an integrated platform and graphical tool for performing security testing of web applications, it supports the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities.
0 kommentar(er)
