20Sep/09Off
Try XSS to break out of a rut
I'm again stealing a tip from David Christiansen (he's on a roll lately). Checkout his post on using cross-site scripting to get out of a testing rut. From the post:
<script>alert("f")</script>Paste it in every field.
If an alert pops up OR the field gets saved and then gets rendered without the script tags, you’ve found a cross-site scripting vulnerability.
As a side note, in a very funny turn of events, when I originally wrote this blog post I was rewarded with the following...
September 30th, 2009 - 03:04
alert(”f”)
Haha this is funny
Also try sql injection 
March 3rd, 2010 - 01:57
alert(”f”)