Skip to content

Cross-Site Scripting (XSS) injects malicious scripts into trusted websites via user input. Attacker-sent scripts run in users' browsers, accessing sensitive data, cookies, and even altering HTML content. Widespread due to input validation lapses.

License

Notifications You must be signed in to change notification settings

MrPr0fessor/Google-Dorks-for-Cross-site-Scripting-XSS

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 

Repository files navigation

Google Dorks for Cross-site Scripting (XSS)

Cross-site Scripting (XSS) is a client-side code injection attack in which an attacker can execute malicious scripts to victim site or web application. XSS occurs when a web application makes use of unvalidated or unencoded user input within the output it generates. XSS flaws can be difficult to identify and remove from a web application. XSS attacks categorized into three types stored, reflected and DOM Based XSS.

Here’s some updated keywords to find XSS vulnerable site by using Dorks

1	/2wayvideochat/index.php?r=
2	/elms/subscribe.php?course_id= /elms/subscribe.php?course_id=
3	/gen_confirm.php?errmsg= /gen_confirm.php?errmsg=
4	/hexjector.php?site= /hexjector.php?site=
5	/index.php?option=com_easygb&Itemid=
6	/index.php?view=help&faq=1&ref=
7	/index.php?view=help&faq=1&ref=
8	/info.asp?page=fullstory&key=1&news_type=news&onvan=
9	/info.asp?page=fullstory&key=1&news_type=news&onvan=
10	/main.php?sid= /main.php?sid=
11	/news.php?id= /news.php?id=
12	/notice.php?msg= /notice.php?msg=
13	/preaspjobboard//Employee/emp_login.asp?msg1=
14	/Property-Cpanel.html?pid= /Property-Cpanel.html?pid=
15	/schoolmv2/html/studentmain.php?session=
16	/search.php?search_keywords= /search.php?search_keywords=
17	/ser/parohija.php?id= /ser/parohija.php?id=
18	/showproperty.php?id= /showproperty.php?id=
19	/site_search.php?sfunction= /site_search.php?sfunction=
20	/strane/pas.php?id= /strane/pas.php?id=
21	/vehicle/buy_do_search/?order_direction=
22	/view.php?PID= /view.php?PID=
23	/winners.php?year=2008&type= /winners.php?year=2008&type=
24	/winners.php?year=2008&type= /winners.php?year=2008&type=
25	index.php?option=com_reservations&task=askope&nidser=2&namser= “com_reservations”
26	index.php?option=com_reservations&task=askope&nidser=2&namser= “com_reservations”
27	intext:”Website by Mile High Creative”
28	inurl:”.php?author=”
29	inurl:”.php?cat=”
30	inurl:”.php?cmd=”
31	inurl:”.php?feedback=”
32	inurl:”.php?file=”
33	inurl:”.php?from=”
34	inurl:”.php?keyword=”
35	inurl:”.php?mail=”
36	inurl:”.php?max=”
37	inurl:”.php?pass=”
38	inurl:”.php?pass=”
39	inurl:”.php?q=”
40	inurl:”.php?query=”
41	inurl:”.php?search=”
42	inurl:”.php?searchstring=”
43	inurl:”.php?searchst­ring=”
44	inurl:”.php?tag=”
45	inurl:”.php?txt=”
46	inurl:”.php?vote=”
47	inurl:”.php?years=”
48	inurl:”.php?z=”
49	inurl:”contentPage.php?id=”
50	inurl:”displayResource.php?id=”
51	inurl:.com/search.asp
52	inurl:/poll/default.asp?catid=
53	inurl:/products/classified/headersearch.php?sid=
54	inurl:/products/orkutclone/scrapbook.php?id=
55	inurl:/search_results.php?search=
56	inurl:/­search_results.php?se­arch=
57	inurl:/search_results.php?search=Search&k=
58	inurl:/search_results.php?search=Search&k=
59	inurl:”contentPage.php?id=”
60	inurl:”displayResource.php?id=”
61	inurl:com_feedpostold/feedpost.php?url=
62	inurl:headersearch.php?sid=
63	inurl:scrapbook.php?id=
64	inurl:search.php?q=
65	pages/match_report.php?mid= pages/match_report.php?mid=

🚀 About Me

👨‍💻 Ethical Hacker | Cyber Security Expert | Black Hat Python Developer

🔐 Ensuring digital landscapes are secure and resilient. 🐍 Crafting tools and solutions using Python for security challenges. 💡 Passionate about defending systems and staying ahead of threats.

🔹 Experienced in ethical hacking, penetration testing, and vulnerability assessment.

🔹 Proficient in Black Hat Python development for offensive security.

🔹 Committed to enhancing cyber defense and minimizing risks.

💻 Explore my projects and contributions below!

License

MIT

About

Cross-Site Scripting (XSS) injects malicious scripts into trusted websites via user input. Attacker-sent scripts run in users' browsers, accessing sensitive data, cookies, and even altering HTML content. Widespread due to input validation lapses.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published