How I easily found Blind XSS

Can it always be this easy?

XSS Hunter Website
XSS Hunter by Mathew Bryant

One day I was scrolling through Twitter and saw a post about a vulnerability called “Blind XSS”. I was still reasonably new to bug bounty hunting, so I was unsure how to exploit it. A quick Google search gave me all the information I needed and a tool to help with finding it, called XSS Hunter. I never imagined that the same day I would be submitting a bug report.

Writer, Web Developer, Hacker, and Family man

Adam W.
