How do I test for Reflected XSS in webpage titles, url parameters and javascript variables?

I have a java web app. I’m using OWASP Java Encoder to encode for html, javascript and url components to mitigate reflected XSS. I’m new to this so I’m not sure on how to test on my web app for the following scenarios where there’s no dire… Continue reading How do I test for Reflected XSS in webpage titles, url parameters and javascript variables?

GRZXW5EDY – Does anyone recognize what kind of hash/id is this? [duplicate]

I am black-box testing a video streaming website. They have 2 kind of IDs for videos. internal_id and external_id.
I need to find a way to enumerate internal_id but cannot guess what kind of ID this website is using.
Example:
video 1: inte… Continue reading GRZXW5EDY – Does anyone recognize what kind of hash/id is this? [duplicate]