Use Sqlmap to find XSS vulnerabilities!

Mehdi Esmaeilpour

1 min readSep 3, 2019

Hi everyone,

In this blog post, I want to show you, how to find XSS vulnerabilities with help of Sqlmap!

Steps :

1 — Find URL’s with parameters

2 — Pass the ‘URL with the parameters’ to sqlmap => sqlmap -u https://xss-game.appspot.com/level1/frame?query=test

3 — If sqlmap found any reflected value or potential XSS, informs you!

4 — Verify the XSS vulnerability with your browser (with a list of XSS payloads)or any other tools.

sqlmap example

I hope this will be useful.

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

Xss Vulnerability

Written by Mehdi Esmaeilpour

Application Security Engineer

No responses yet

Write a response

What are your thoughts?

Also publish to my profile

More from Mehdi Esmaeilpour

How to easily find Reflected XSS vulnerabilities!

Mehdi Esmaeilpour

How to easily find Reflected XSS vulnerabilities!

Hello everybody!

Oct 28, 2019

Threat Modeling — Easy way

Mehdi Esmaeilpour

Threat Modeling — Easy way

Do you run Threat Modeling sessions regularly? Do you have any specific method to do that?

Feb 10, 2021

Security Code Review and Secure Coding

Mehdi Esmaeilpour

Security Code Review and Secure Coding

What is Security Code Review and Secure Coding? How important is it? Are Security Code Review and Secure Coding part of your Application…

May 12, 2021

See all from Mehdi Esmaeilpour

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams