Detecting Blind Injection Attacks with Discord Webhooks

2 months ago 37

Bilal Researcher

Hello everyone, today I am going to show how you can detect blind injection attacks and receive notifications/alerts for them using Discord webhooks.

Background: XSS, HTML, and other injections may not always be visible to you, because the payload could end up in a webpage that you do not have access to. For example, consider a user who submits a form to the web application to apply for a role. In most cases, the web application would use RBAC (role-based access control), store the details from the form submission in a database, and show them through an endpoint that only those with higher privileges can access. This means that only those with higher privileges or the correct roles may see the injection attacks.

We are going to go over a simple idea of how to get started. To detect injections that support HTTP requests, it is a good idea to have a web server that logs incoming HTTP requests and displays the results. However, saving the logs to a file or keeping them in the web server logs can be tedious and inefficient to work with. Not only that, but we would not receive live alerts/notifications unless extra work was put into it. So in this case, we are going to send the request logs and the alert logs to a Discord channel using separate Discord webhooks.

First thing we must do is set up the actual web server and host it for receiving HTTP…
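A minimal sketch of the listener idea described above, added here as an example and not the author's code: it logs every request to one webhook and repeats callbacks to a second alert webhook. The webhook URLs are placeholders, and the `/cb/` alert prefix, the function names and the redaction list are assumptions.

```python
import json
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Placeholders: one webhook per channel, as the article suggests.
LOG_WEBHOOK = "https://discord.com/api/webhooks/<id>/<token>"
ALERT_WEBHOOK = "https://discord.com/api/webhooks/<id>/<token>"
SENSITIVE = {"cookie", "authorization"}  # never forward these to a chat channel
MAX_CONTENT = 2000                       # Discord's limit on message content

def build_message(method, path, client_ip, headers):
    """Return the Discord webhook JSON body for one captured request."""
    lines = [f"{method} {path} from {client_ip}"]
    for name, value in headers.items():
        if name.lower() in SENSITIVE:
            value = "[redacted]"
        lines.append(f"{name}: {value}")
    # Request data is untrusted: stop it closing the code fence early.
    text = "\n".join(lines).replace("`", "'")
    body = "```\n" + text[:MAX_CONTENT - 8] + "\n```"
    # Disable mention parsing so captured text cannot ping the channel.
    return {"content": body, "allowed_mentions": {"parse": []}}

def is_alert(path, marker="/cb/"):
    """Assumed rule: paths under the marker prefix are injection callbacks."""
    return path.startswith(marker)

def send(webhook_url, message):
    """POST one message to a Discord webhook."""
    req = urllib.request.Request(
        webhook_url, data=json.dumps(message).encode(), method="POST",
        headers={"Content-Type": "application/json",
                 "User-Agent": "callback-logger"})
    urllib.request.urlopen(req, timeout=5).close()

class Handler(BaseHTTPRequestHandler):
    def do_GET(self):
        msg = build_message(self.command, self.path,
                            self.client_address[0], dict(self.headers))
        try:
            send(LOG_WEBHOOK, msg)
            if is_alert(self.path):
                send(ALERT_WEBHOOK, msg)
        except OSError:
            pass  # a webhook failure must not take the listener down
        self.send_response(204)
        self.end_headers()

if __name__ == "__main__":
    HTTPServer(("0.0.0.0", 8080), Handler).serve_forever()
```

Redacting `Cookie` and `Authorization` matters here because a callback fired from a privileged user's browser can carry that user's session data into a third-party chat service.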
