Professional Documents
Culture Documents
Internship - PPT (Autosaved)
Internship - PPT (Autosaved)
Internship Presentation
on
“Cross-Site Scripting (XSS) on Burp Suite”
Under The Guidance of, Presented By,
Ratheesh
Name: Dr. Krishna Prasad
1SU20CF035
XSS vulnerabilities occur when web applications fail to properly validate or encode user-
supplied data, allowing attackers to inject malicious scripts into the web page. These scripts can
then be executed by the user's web browser, allowing the attacker to steal sensitive information,
such as cookies or login credentials, or to perform actions on behalf of the user.
About Organization
•EyeQ Dot Net Pvt. Ltd. is a cyber-security-based company located in Mangalore, Karnataka, India,
offering a wide range of high-quality cyber security and IT infrastructure security services.
•The company has a strong commitment to protecting data and privacy, holding several certifications
such as ISO 27001, ISO 27017, ISO 27018, and ISO 9001 for information security management, cloud
security, and quality management systems.
•EyeQ Dot Net Pvt. Ltd. has a robust cybersecurity framework that includes thorough screenings and
trainings for employees, strict access control measures, and secure software development lifecycles.
They also encourage security researchers to report potential vulnerabilities.
•The organization is dedicated to raising awareness about cybercrime and prevention through educational
initiatives and awareness programs.
Proposed System
•Detection Mechanism: Implementing advanced detection methods to identify and
highlight potential XSS vulnerabilities on websites.
Software Requirements
• Windows / Linux
• Burp suite
Architecture Diagram
Implementation
•Go to the website and input "hello" in the search bar.
•Open Burp Suite, connect it to the browser, and enable intercept in the proxy.
•Forward the data and examine for the presence of the "hello" word.
•Click the start payload button and observe the Result status for potential XSS vulnerabilities.
Results
Results
Conclusion
•In conclusion, the presentation highlighted the critical importance of addressing XSS
vulnerabilities in web applications. Our proposed system provides an effective means of
detection and prevention, showcased through practical steps. The demonstrated approach
empowers users to identify and mitigate XSS threats, bolstering overall website security.
It's imperative to stay proactive, regularly updating systems, and fostering a security-
conscious development environment. By adopting these practices, we contribute to a
safer digital landscape, guarding against the persistent threat of XSS attacks.
References
•What is cross-site scripting (XSS) and how to prevent it? | Web Security Academy (p
ortswigger.net)
•https://xss-labs.thecyberhub.org/xss1
•Cross-Site Scripting (XSS) attacks and defense mechanisms: classification and state-
of-the-art (researchgate.net)
Thank You