Check whether a site is XSS vulnerable or not.

XSS is a method to hack sites which most of the newbie programmers don’t know. Here is a quick way to identify if a site is vulnerable to it. Go to a site which offers searching or other GET parameters which are outputted in the site’s page.

Instead of the value in one of the GET parameter use the following value :

XSS Vulnerability checker by Subin Siby

For example a site with the GET parameter query with value subins and the url will be :

For such a site you have to replace the parameter value with this:

XSS Vulnerability checker by Subin Siby

If the site outputs the GET type parameter then you will get a javascript alert. The alert means that the site is vulnerable to XSS.
This trick can be also used in POST type parameter by injecting the code mentioned to the input field.