Finally, that’s Blind XSS
Hello 👋 people,
We know that xsshunter is saying something about their services, I really didn’t not understood how to overcome that.
Now we have another website that provides blind xss tracking service ie, by cyberxplore called https://bxsshunter.com/
I was kinda happy that we have free service available now, but till now I didn’t get any blind xss or I can say I didn’t not hunt for them.
Later while I was studying for the exam, I got a bugbounty tip in my phone saying try to put the xss payloads in the mail subject and the body and send to the organization’s mail, left the book🙊 and went on hunting for the bxss now😂.
After a few hours I was hunting on one organization and sent a bug report to that organization, and got a support ticket then I thought of sending an xss payload to the same email. Yeah, I got an xss payload fired on that service.
Always try sending a BXSS payload in Contacts us email.
Thank you for your time, and happy hunting! ❤
