How to bypass server-side URL encoding ? [Firing-Range automation]
I’m trying to make an automated XSS detection toolkit for myself and I’m using google’s firing range for testing it. For this particular case of escaped XSS in HTML context https://public-firing-range.appspot.com/escape/serverside/encodeUr… Continue reading How to bypass server-side URL encoding ? [Firing-Range automation]