An example of why human effort is helpful when assessing web applications

It can take some digging to discover if you’ve successfully injected any code into a web application. I was using the ALL-FUZZ-STRINGS that comes with Suru (with additional strings added from sources like the ha.ckers.org XSS Cheat Sheet) to run through a list of popular input validation attacks.

Suru is a Man In The Middle (MITM) proxy that sits between the user's browser and the web application.
