
What Is Reflected XSS: Reflected XSS Explained


What is a reflected XSS?

Today I am writing up what reflected XSS is. An XSS vulnerability allows an attacker to inject a script into the content of a website or app. When a user visits the infected page, the script executes in the victim's browser. This allows attackers to steal private information such as cookies, user passwords and account information, or to perform custom operations while impersonating the victim.


A reflected XSS (also called a non-persistent XSS attack) is a specific type of XSS in which the malicious script bounces off another website to the victim's browser. The script is passed in the request, typically in the URL query string, which makes exploitation as easy as tricking a user into clicking a link.

Basically, a reflected XSS vulnerability depends on the parameters of a web app or website; every parameter is a candidate.

Parameter examples: id=, view=, data=, mode=, code=, cat=, q=, uid=, pid=, etc.

Reflected XSS Example:

  1. Choose your target website or web app.
  2. Find a parameter such as id=, view=, data=, mode=, code=, cat=, q=, uid=, pid=, etc.
  3. Open Burp Suite, capture the HTTPS request, and spider the host. You will then see all of the target website's parameters.
  4. Find website parameters using a Google dork.

    inurl:”.php?id=” intext:”View cart”

    inurl:”.php?cid=” intext:”shopping”

    inurl:/news.php?include=

    inurl:”.php?query=”



  5. Select a parameter and insert the XSS payload, e.g. .php?id=<svg onload=alert(Test)>.

  6. XSS payload list: GitHub
  7. Try cross-site scripting (XSS) in a lab: XSS Lab
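
As an added example (not from the original post), this shows the server-side flaw that makes the payload in step 5 execute, the output-encoding fix, and a regression check that flags a response reflecting a parameter unencoded. The function names and the shop.example URL are constructed for illustration.

```python
# Added example: reflected XSS cause and fix. All names here are hypothetical.
from html import escape
from urllib.parse import urlsplit, parse_qs


def get_param(url, name):
    """Return the first decoded value of a query parameter ('' if absent)."""
    query = urlsplit(url).query
    return parse_qs(query, keep_blank_values=True).get(name, [""])[0]


def render_vulnerable(url):
    # BUG: the decoded value is concatenated into HTML unchanged, so any
    # markup in ?id= is parsed by the browser as part of the page.
    return "<p>Showing item: " + get_param(url, "id") + "</p>"


def render_safe(url):
    # FIX: HTML-encode at the point of output. <, >, &, " and ' become
    # entities, so the browser displays the value as text.
    return "<p>Showing item: " + escape(get_param(url, "id"), quote=True) + "</p>"


def reflects_raw_markup(url, body, name="id"):
    """Regression check: True if the parameter value contains HTML
    metacharacters and appears in the response body without encoding."""
    value = get_param(url, name)
    return any(c in value for c in "<>\"'") and value in body


# Constructed sample request: the step 5 payload, percent-encoded as a
# browser would send it.
SAMPLE_URL = "http://shop.example/item.php?id=%3Csvg%20onload%3Dalert(Test)%3E"

if __name__ == "__main__":
    for render in (render_vulnerable, render_safe):
        body = render(SAMPLE_URL)
        print(render.__name__, "->", body)
        print("  reflects raw markup:", reflects_raw_markup(SAMPLE_URL, body))
```

html.escape covers values placed in HTML text and quoted attribute values; a parameter written into a script block or a URL attribute needs the encoding for that context instead.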

Thank you for reading my reflected XSS writeup. More bug bounty writeups are coming soon, so stay with us and follow on social networks to get notifications. If you are a new bug hunter or web penetration tester, this blog will help you. Please also share this post with your friends. Happy hunting, and keep smiling.


Author: Md Hridoy

Copyright By © Bug Bounty TuT
