Bypassing the XSS Filters : Advanced XSS Tutorials for Web application Pen Testing

Sometimes, website owner use XSS filters(WAF) to protect against XSS vulnerability. For eg: if you put the alert("hi") , the
Filter will escape the "(quote) character , so the script will become




Now
this script won't work. Likewise Filters use different type of
filtering method to give protection against the XSS.  In this