X9 admin TorHackr has created an interesting tutorial on how to harvest information from incoming HTTP Requests by using Python and the Flask library. He demonstrates how useful information, such as the user’s IP address, operating system, and browser type, can be extracted from HTTP headers, even when the Flask application is hosted behind a reverse proxy such as Nginx and Lighttpd. Check out his article over on his website!
Introduction to XSS
SHAM admin Rusty has published an article on the SHAM homepage which provides a general overview and introduction to Cross-Site Scripting (XSS) attacks. The article discusses Reflected and Persistent XSS attacks, and even includes sandboxes where you can practice your XSS skills. Go take a look!
XSS Attacks Explained
X9 administrator Xorus has created a fantastic, in-depth write-up of XSS attacks, covering not only the various types of XSS attacks that can be performed, but how they work as well. To top it off, Xorus has also included information on how to prevent such attacks in your own web services. If you’d like to read this article, check it out over on the X9 website!