Finally, that’s Blind XSS

Aneesha D
1 min readMar 3, 2023
Photo by ochimax studio on Unsplash

Hello 👋 people,

We know that xsshunter is saying something about their services, I really didn’t not understood how to overcome that.

Now we have another website that provides blind xss tracking service ie, by cyberxplore called https://bxsshunter.com/

I was kinda happy that we have free service available now, but till now I didn’t get any blind xss or I can say I didn’t not hunt for them. Later while I was studying for the exam, I got a tip in my phone saying try to put the xss payloads in the mail subject and the body and send to the organization’s mail, left the book🙊 and went on hunting for the bxss now😂.

After a few hours I was hunting on one organization and sent a bug report to that organization, and got a support ticket then I thought of sending an xss payload to the same email. Yeah, I got an xss payload fired on that service.

Always try sending a BXSS payload in Contacts us email.

Thank you for your time, and happy hunting! ❤

--

--