Thanks to visit codestin.com
Credit goes to Github.com

Skip to content

XSS Reorganization#1074

Open
manindar-mohan wants to merge 69 commits intoOWASP:masterfrom
manindar-mohan:fix-591
Open

XSS Reorganization#1074
manindar-mohan wants to merge 69 commits intoOWASP:masterfrom
manindar-mohan:fix-591

Conversation

@manindar-mohan
Copy link
Contributor

@manindar-mohan manindar-mohan commented Jun 30, 2023
edited by kingthorin
Loading

This PR fixes #591.

  • This PR handles the issue and requires no additional PRs.
  • You have validated the need for this change.

What did this PR accomplish?

  • Moved all XSS to chapter 11, client-side testing
  • added sub-sections for XSS

Thank you for your contribution!

@github-actions

This comment was marked as outdated.

Sign in to view
@github-actions

This comment was marked as outdated.

Sign in to view
@github-actions

This comment was marked as outdated.

Sign in to view
@github-actions

This comment was marked as outdated.

Sign in to view
@github-actions

This comment was marked as outdated.

Sign in to view
@github-actions

This comment was marked as outdated.

Sign in to view
Manindar Mohan added 15 commits June 30, 2023 15:44
mistake fixed for 07-Input_Validation_Testing/02-Testing_for_HTTP_Par…
8304381 
…ameter_Pollution (OWASP#591)
mistake fixed for 07-Input_Validation_Testing/02-Testing_for_HTTP_Par…
c5277d4 
…ameter_Pollution (OWASP#591)
Mistake fixed 4-Web_Application_Security_Testing/07-Input_Validation_…
b96069f 
…Testing/03.2-Testing_for_MySQL (OWASP#591)
Mistake fixed 4-Web_Application_Security_Testing/07-Input_Validation_…
4e19ca5 
…Testing/06-Testing_for_SSI_Injection (OWASP#591)
Mistake fixed 4-Web_Application_Security_Testing/07-Input_Validation_…
6de5b1f 
…Testing/06-Testing_for_SSI_Injection (OWASP#591)
mistake fixed 4-Web_Application_Security_Testing/07-Input_Validation_…
abd0d14 
…Testing/08-Testing_for_IMAP_SMTP_Injection (OWASP#591)
mistake fixed 4-Web_Application_Security_Testing/07-Input_Validation_…
13af516 
…Testing/09.1-Testing_for_File_Inclusion (OWASP#591)
mistake fixed 4-Web_Application_Security_Testing/07-Input_Validation_…
ca63381 
…Testing/10-Testing_for_Command_Injection (OWASP#591)
mistake fixed 4-Web_Application_Security_Testing/07-Input_Validation_…
796ff39 
…Testing/12-Testing_for_Format_String_Injection (OWASP#591)
mistake fixed 4-Web_Application_Security_Testing/07-Input_Validation_…
6f4e77f 
…Testing/13-Testing_for_Incubated_Vulnerability (OWASP#591)
Mistake fixed 4-Web_Application_Security_Testing/07-Input_Validation_…
57577bb 
…Testing/14-Testing_for_HTTP_Splitting_Smuggling (OWASP#591)
Mistake fixed document/4-Web_Application_Security_Testing/07-Input_V…
3b25297 
…alidation_Testing/16-Testing_for_Host_Header_Injection (OWASP#591)
Mistake fixed document/4-Web_Application_Security_Testing/07-Input_Va…
da5a26b 
…lidation_Testing/17-Testing_for_Server-side_Template_Injection (OWASP#591)
Mistake fixed document/4-Web_Application_Security_Testing/07-Input_Va…
4f972b8 
…lidation_Testing/18-Testing_for_Server-Side_Request_Forgery (OWASP#591)
Mistake fixed 4-Web_Application_Security_Testing/07-Input_Validation_…
407ef1e 
…Testing/19-Testing_for_Mass_Assignment (OWASP#591)
@github-actions

This comment was marked as outdated.

Sign in to view
Manindar Mohan added 11 commits June 27, 2025 13:26
Mistakes fixed in 4-Web_Application_Security_Testing/04-Authenticatio…
fd3a1a3 
…n_Testing/08-Testing_for_Weak_Password_Change_or_Reset_Functionalities.md
Mistakes fixed in 4-Web_Application_Security_Testing/04-Authenticatio…
4997031 
…n_Testing/09-Testing_for_Weaker_Authentication_in_Alternative_Channel.md
Mistakes fixed in 4-Web_Application_Security_Testing/04-Authenticatio…
faacfbe 
…n_Testing/10-Testing_Multi-Factor_Authentication.md
Mistakes fixed in 4-Web_Application_Security_Testing/07-Input_Validat…
c27846c 
…ion_Testing/03-Testing_for_SQL_Injection.md
Mistakes fixed in 4-Web_Application_Security_Testing/07-Input_Validat…
527554d 
…ion_Testing/03.2-Testing_for_MySQL.md
Mistakes fixed in 4-Web_Application_Security_Testing/07-Input_Validat…
7e1e3b1 
…ion_Testing/03.6-Testing_for_NoSQL_Injection.md
Mistakes fixed in 4-Web_Application_Security_Testing/07-Input_Validat…
d82b881 
…ion_Testing/05-Testing_for_XML_Injection.md
Mistakes fixed in 4-Web_Application_Security_Testing/07-Input_Validat…
6a6a378 
…ion_Testing/10-Testing_for_Command_Injection.md
Mistakes fixed in 4-Web_Application_Security_Testing/07-Input_Validat…
c206b49 
…ion_Testing/12-Testing_for_Format_String_Injection.md
Mistakes fixed in 4-Web_Application_Security_Testing/07-Input_Validat…
a2d3ba5 
…ion_Testing/18-Testing_for_Server-Side_Request_Forgery.md
Mistakes fixed in 4-Web_Application_Security_Testing/11-Client-side_T…
1c42b71 
…esting/01.1-Testing_for_Reflected_Cross_Site_Scripting.md
@github-actions
Copy link

github-actions bot commented Jun 27, 2025

The following links are broken:
FILE:document/4-Web_Application_Security_Testing/04-Authentication_Testing/07-Testing_for_Weak_Security_Question_Answer.md
[✖] 09-Testing_for_Weak_Password_Change_or_Reset_Functionalities.md → Status: 400
[✖] 03-Testing_for_Weak_Lock_Out_Mechanism.md → Status: 400

@github-actions
Copy link

github-actions bot commented Jun 27, 2025

The following mistakes were identified:

/home/runner/work/wstg/wstg/pr/document/4-Web_Application_Security_Testing/07-Input_Validation_Testing/03-Testing_for_SQL_Injection.md
789:104 ✖ Incorrect term: “cheatsheet”, use “cheat sheet” instead terminology
790:61 ✖ Incorrect term: “cheatsheet”, use “cheat sheet” instead terminology
792:71 ✖ Incorrect term: “cheatsheet”, use “cheat sheet” instead terminology

Mistakes fixed in 4-Web_Application_Security_Testing/07-Input_Validat…
e2ab51d 
…ion_Testing/03-Testing_for_SQL_Injection.md
@github-actions
Copy link

github-actions bot commented Jun 27, 2025

The following links are broken:
FILE:document/4-Web_Application_Security_Testing/04-Authentication_Testing/07-Testing_for_Weak_Security_Question_Answer.md
[✖] 09-Testing_for_Weak_Password_Change_or_Reset_Functionalities.md → Status: 400
[✖] 03-Testing_for_Weak_Lock_Out_Mechanism.md → Status: 400

@github-actions
Copy link

github-actions bot commented Jun 30, 2025

The following links are broken:
FILE:document/4-Web_Application_Security_Testing/04-Authentication_Testing/08-Testing_for_Weak_Password_Change_or_Reset_Functionalities.md
[✖] ../07-Input_Validation_Testing/17-Testing_for_Host_Header_Injection.md → Status: 400
[✖] 08-Testing_for_Weak_Security_Question_Answer.md → Status: 400

@github-actions
Copy link

github-actions bot commented Jun 30, 2025

The following links are broken:
FILE:document/4-Web_Application_Security_Testing/04-Authentication_Testing/10-Testing_Multi-Factor_Authentication.md
[✖] 09-Testing_for_Weak_Password_Change_or_Reset_Functionalities.md → Status: 400
[✖] 08-Testing_for_Weak_Security_Question_Answer.md → Status: 400
[✖] ../07-Input_Validation_Testing/05-Testing_for_SQL_Injection.md#sql-wildcard-injection → Status: 400
[✖] 03-Testing_for_Weak_Lock_Out_Mechanism.md → Status: 400

@github-actions
Copy link

github-actions bot commented Jun 30, 2025

The following links are broken:
FILE:document/4-Web_Application_Security_Testing/04-Authentication_Testing/10-Testing_Multi-Factor_Authentication.md
[✖] 09-Testing_for_Weak_Password_Change_or_Reset_Functionalities.md → Status: 400

@github-actions
Copy link

github-actions bot commented Jun 30, 2025

The following links are broken:
FILE:document/4-Web_Application_Security_Testing/07-Input_Validation_Testing/03-Testing_for_SQL_Injection.md
[✖] https://wiki.owasp.org/index.php/Automated_Audit_using_SQLMap → Status: 500
[✖] https://www.cgisecurity.com/lib/more_advanced_sql_injection.pdf → Status: 403

@github-actions
Copy link

github-actions bot commented Jun 30, 2025

The following links are broken:
FILE:document/4-Web_Application_Security_Testing/07-Input_Validation_Testing/03-Testing_for_SQL_Injection.md
[✖] https://www.cgisecurity.com/lib/more_advanced_sql_injection.pdf → Status: 403

@github-actions
Copy link

github-actions bot commented Jun 30, 2025

The following links are broken:
FILE:document/4-Web_Application_Security_Testing/07-Input_Validation_Testing/03-Testing_for_SQL_Injection.md
[✖] https://www.cgisecurity.com/lib/more_advanced_sql_injection.pdf → Status: 403

@github-actions
Copy link

github-actions bot commented Jul 1, 2025

The following links are broken:
FILE:document/4-Web_Application_Security_Testing/07-Input_Validation_Testing/03-Testing_for_SQL_Injection.md
[✖] https://www.cgisecurity.com/lib/more_advanced_sql_injection.pdf → Status: 403
[✖] https://blog.checkpoint.com/latest-sql-injection-trends/ → Status: 502

@kingthorin
Copy link
Collaborator

kingthorin commented Jul 1, 2025

Some of the link checks will be FPs, don't get too worried about it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kingthorin kingthorin kingthorin left review comments

@ThunderSon ThunderSon Awaiting requested review from ThunderSon

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

revise Needs quality review, updates, or revision work_in_progress Issue or PR not yet ready for review

Projects

None yet

Milestone

v5.0 Release

Development

Successfully merging this pull request may close these issues.

XSS Reorganization

4 participants

@manindar-mohan @kingthorin @ThunderSon @rejahrehim