Dom Invader - Burp Suite tool to Find DOM Based XSS Easily

Quickly Find Dom-Based Vulnerabilities with Burp Suite’s Dom Invader

A DOM-based XSS executes the malicious JavaScript in the browser’s DOM rather than from the page’s HTML response.

Find DOM-Based XSS Issues in 6 Steps Using DOM Invader

1. Enable DOM Invader in Burp’s embedded browser

Open Burp Suite and from the Proxy tab, open Burp’s embedded browser and enable DOM Invader from the extension settings.


NMAP CHEATSHEET

Nmap, short for Network Mapper, is a free, open-source tool for vulnerability scanning and network discovery. Network administrators use Nmap to identify what devices are running on their systems, discovering hosts that are available and the services they offer, finding open ports and detecting security risks. Nmap can be used to monitor single hosts as well as vast networks that encompass hundreds of thousands of devices and multitudes of subnets.
https://nmap.org/


Search Latest CyberSecurity Jobs - Remote, Full-time, and location-based search. https://hacksheets.in/jobs


Increasing Need For Cybersecurity Professionals

Cybersecurity is facing an extraordinary challenge in finding and training enough professionals to meet the growing needs of global businesses, which are facing an ever-growing threat of cyberattacks.

Every 39 seconds, a cyberattack occurs somewhere in the world. These attacks cost organizations an average of $13 million, and the cumulative global value at risk from being destroyed amounts to approximately $5.2 trillion in the period from 2019 to 2023, according to Accenture.

As cybercriminals and state actors become increasingly sophisticated and skilled in their cyberattacks, it’s critical for companies and the public sector to ramp…


What is DNS? (“The Phonebook of Internet”) — Cheatsheet

DNS, or the Domain Name System, resolves human-readable domain names (for example, www.hacksheets.in) to machine-readable IP addresses (for example, 192.0.1.45).

DNS Resolution Steps

- A user types ‘www.hacksheets.in’ into a web browser and the system sends the query to a DNS resolver.

- This resolver then sends the query to the DNS root nameserver (.).

- The root server then responds to the resolver with the address of a Top-Level Domain (TLD) DNS server (.in).

- The resolver then makes a request to the .in TLD.

- The TLD server then responds with the…


Recon-ng

Recon-ng is a reconnaissance tool that provides a powerful environment for conducting open-source, web-based reconnaissance quickly and thoroughly. It is based on Open Source Intelligence (OSINT), which is the easiest and most useful tool for reconnaissance.

Recon-ng is written in Python and comes complete with database interaction, independent modules, interactive help, command completion, and built-in convenience functions.

Contents

- What is Recon-ng?

- Features.

- Uses.

- Using recon-ng.

- Help.

- Examples.

What is Recon-ng?

Recon-ng is a full-featured reconnaissance framework with an interface similar to that of Metasploit (which makes it handy and easy to use).

Recon-ng…


Whois (“who owns a domain?”)

Whois is a query-and-response protocol used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block, or an autonomous system.

As its name suggests, Whois (pronounced as the phrase “who is”) is a widely used Internet record listing that identifies who owns a domain and how to get in contact with them. The Internet Corporation for Assigned Names and Numbers (ICANN) regulates domain name registration and ownership.

Content:

- About whois.

- Features.

- Whois lookups.

- Whois record.

- Whois protocol.


Strong Password Policy

Protect yourself from being hacked. Create a strong password policy.


WHATWEB (“What Is That Website?”)

WhatWeb is a tool used to identify different web technologies, including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. It has over 1700 plugins, each used to do something different.

WhatWeb’s main use is to identify all sorts of information about a live website, like:

- Platform

- CMS platform

- Type of Script

- Google Analytics

- Web server Platform

- IP address, Country

- 900+ Plugins & their libraries used

- Server Headers, Cookies, and a lot more.

It is included in Kali…

Hacksheets

Ethical Hacking & Information Security Cheatsheets, Resources, Tools, Quizzes, and lots of free learning material.
