Summary

This chapter covered the different types of XSS attacks, understanding the anatomy of an XSS snippet, and extending Burp Suite with XSS Validator to confirm successful injection attempts. We also look at using Google Gruyere as a teaching aide and testing ground, and reported an XSS vulnerability from start to finish, including how to document your report and a sample submission.