Last active
June 4, 2020 13:58
-
-
Save numberwhun/aaed6b9e35e8949d082fb45f5ef7e6e3 to your computer and use it in GitHub Desktop.
RSS Hacking and Exploitation Links
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Borrowed from: https://plus.google.com/108889088632131119238/posts/8FCPkHWoqo6 | |
------------------------------------------- | |
RSS Hacking and Exploitation 2016 | |
------------------------------------------- | |
RSS Feeds p3wn'd by usb | |
------------------------------------------- | |
1. Parsing RSS Feeds in JavaScript | |
https://www.raymondcamden.com/2015/12/08/parsing-rss-feeds-in-javascript-options/ | |
2. Build an Automated RSS Feed List With jQuery | |
https://designshack.net/articles/javascript/build-an-automated-rss-feed-list-with-jquery/ | |
3. Creating Your Own RSS Reader Using Google Feed API | |
https://www.script-tutorials.com/creating-own-rss-reader-using-google-feed-api/ | |
4. How to parse an RSS feed using JavaScript? | |
http://stackoverflow.com/questions/10943544/how-to-parse-an-rss-feed-using-javascript | |
5. Parsing RSS Feeds in JavaScript — Options | |
https://dzone.com/articles/parsing-rss-feeds-in-javascript-options | |
6. https://feed2js.org/ | |
----------------------------------------------------------------------------------------- | |
Robust RSS, Atom, and RDF feed parsing in Node.js | |
https://github.com/danmactough/node-feedparser | |
This module adds methods for RSS, Atom, and RDF feed parsing in node.js using Isaac Schlueter's sax parser. Feedparser has a couple features you don't usually see: | |
It resolves relative URLs (such as those seen in Tim Bray's "ongoing" feed). | |
It properly handles XML namespaces (including those in sadistic feeds that define a non-default namespace for the main feed elements). | |
----------------------------------------------------------------------------------------- | |
dylang/node-rss | |
https://github.com/dylang/node-rss | |
RSS feed generator. Add RSS feeds to any project. Supports enclosures and GeoRSS. | |
----------------------------------------------------------------------------------------- | |
CSRFT - Cross Site Request Forgeries (Exploitation) Toolkit | |
https://github.com/PaulSec/CSRFT | |
This project has been developed to exploit CSRF Web vulnerabilities and provide you a quick and easy exploitation toolkit. In few words, this is a simple HTTP Server in NodeJS that will communicate with the clients (victims) and send them payload that will be executed using JavaScript. | |
----------------------------------------------------------------------------------------- | |
DOM Based Cross-site Scripting Vulnerability | |
https://www.netsparker.com/blog/web-security/dom-based-cross-site-scripting-vulnerability/ | |
RSA Data Loss Prevention XSS / Information Disclosure | |
https://packetstormsecurity.com/files/136888/RSA-Data-Loss-Prevention-XSS-Information-Disclosure.html | |
----------------------------------------------------------------------------------------- | |
DOM Based Cross Site Scripting or XSS of the Third Kind | |
http://www.webappsec.org/projects/articles/071105.shtml | |
DOM Scripting (Web Design with JavavScript and the Document Object Model PDF) | |
Download eB0*k: http://goo.gl/taYmq9 | |
JavaScript and HTML DOM Reference | |
http://www.w3schools.com/jsref/ | |
Document Object Model (DOM) | |
https://developer.mozilla.org/en-US/docs/Web/API/Document_Object_Model | |
DOM (Document Object Model) Reference | |
http://www.javascriptkit.com/domref/ | |
----------------------------------------------------------------------------------------- | |
node-jsdom | |
https://www.npmjs.com/package/node-jsdom | |
A JavaScript implementation of the DOM and HTML standards cloned from the original jsdom branch 3.x | |
----------------------------------------------------------------------------------------- | |
DOM Nodes | |
http://javascript.info/tutorial/dom-nodes | |
node-bot | |
https://github.com/Ayms/node-bot | |
Node.js, YUI 3 & Dom Manipulation... Oh My! | |
http://yuiblog.com/blog/2010/04/09/node-js-yui-3-dom-manipulation-oh-my/ | |
----------------------------------------------------------------------------------------- | |
Feed Injection In Web 2.0: Hacking RSS and - CGISecurity | |
http://www.cgisecurity.com/papers/HackingFeeds.pdf | |
----------------------------------------------------------------------------------------- | |
Web Feed injection (RSS Hacking) | |
http://www.securview.com/wp-content/uploads/2015/06/Web_feed_injection.pdf | |
----------------------------------------------------------------------------------------- | |
XSS killed the anti-CSRF star | |
https://securityetalii.es/2013/01/23/xss-killed-the-anti-csrf-star/ | |
----------------------------------------------------------------------------------------- | |
CSRF: Attack and Defense - McAfee | |
http://www.mcafee.com/us/resources/white-papers/wp-csrf-attack-defense.pdf | |
----------------------------------------------------------------------------------------- | |
simplerss | |
https://github.com/elmarti/simplerss | |
rss-twitter-bot | |
https://gitlab.com/hughr/rss-twitter-bot | |
----------------------------------------------------------------------------------------- | |
Huge List of RSS Tools | |
http://www.rss-specifications.com/huge-list-rss-tools.htm |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment