Skip content
Are you looking for?
LRQA Cyber Labs

Exploiting Network Security Cameras: Understanding and Mitigating the Risks

github GitHub: https://github.com/nettitude/xss_payloads

We curate a set of fun and interesting Cross Site Scripting (XSS) payloads.  They’re designed for quick and effective attacks when time is too short and using a framework is too big.  Our payloads allow you to have fun with things such as:

  • Obtaining NTLM hashes from your victim, ready to crack and use on perimeter services
  • Scan internal networks as part of further enumeration
  • Obtain credentials directly from your victim
  • Grab sensitive content from your victim’s DOM
  • …and much more!
Login XSS

Login XSS

Over time, these payloads will be further developed and expanded upon.  Throw them in your testing kit for quick and dirty Cross Site Scripting wins.

github GitHub: https://github.com/nettitude/xss_payloads

Latest Cyber Labs articles

  • Hash Relaying: The Path to Domain Admin

    Article

    Discover how common AD misconfigurations still let NTLM relay attacks turn a simple SMB or HTTP auth into...

  • You're absolutely right: Vibe coding in the world of...

    LRQA Cyber Labs

    Article

    Explore how AI and 'vibe coding' are transforming penetration testing, from prompt-driven development to modular attack tools and...

  • Remote Code Execution in Broadcom Altiris IRM

    LRQA Cyber Labs

    Article

    A critical unauthenticated remote code execution (RCE) vulnerability was discovered in the Broadcom Symantec Altiris Inventory Rule Management...

  • Exploring the Shadow Labyrinth

    LRQA Cyber Labs

    Article

    How LRQA cracked the Shadow Labyrinth in Hack The Box’s 2025 CTF, using reverse engineering, decryption and custom...

  • Next Level Smuggling with WebAssembly

    LRQA Cyber Labs

    Article

    Using WebAssembly to deliver malicious payloads through HTML smuggling.

  • The $1.5bn Bybit theft – what happened?

    LRQA Cyber Labs

    Article

    An analysis of one of the most significant breaches in crypto history - the theft of $1.5 billion...

  • Introducing Raccoon

    LRQA Cyber Labs

    Article

    Introducing Raccoon - a C# tool for extending the screenshot functionality of Command and Control (C2) frameworks, even...

  • Time Travel Debugging Shellcode with Binary Ninja

    Article

    Learn how to debug shellcode using Time Travel Debugging (TTD) in Binary Ninja. This guide walks you through...

  • Binary Ninja Plugin

    Article

    Recently, in response to a customer incident we needed to reverse engineer a malware sample of WhiteRabbit ransomware...