When reading about SQL Injection and XSS i was wondering if you guys have a single string that could be used to identify those vulnerabilities and others.
A string that could be thrown into a website database to black box check if that field is safe or not. (going to do a large test on a few inhouse tools)
Rough example, wondering if you guys know of more?
"a' or '1'='1"
"center'> < script>alert('test')< /script>"
EDIT: Found a nice XSS question on SO
I've found some nice firefox addons that do the trick.
XSS Me
SQL Inject Me
https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet has lots of examples for testing SQL injection.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With