XSS cookie stealer using JavaScript and PHP

Deliberately vulnerable scripts for Web Security training

A dynamic cross-site scripting (XSS) payload delivery system with team server abilities.

Report from Juice Shop Security Testing and notes from OTWA training

Pose ta Node Sur Mon Network

A online wordpress xss maker , only wordpress version 3.xx

This is an intentionally vuln webpage designed to practice XSS.

In this repository, I discuss the CSRF vulnerability and how to do execute a CSRF attack.

Automatic uppercase/lowercase XSS payload conversion

Demo website showcasing Trusted Types for CSP

This keylogger is based on php and because of this, I had to use MAMP to run it and it can be run locally. Victim username type is text so we can add a script in it which allows us to do an XSS and thus every thing goes to keylogger.php which runs and saved all to keylog.txt which can be viewed using view.php

A complete lab repository for Web Technologies and Web Security, including HTML, PHP, server hosting, penetration testing, SQL injection, and XSS practice.

About This is a repo of my solution of one XSS challenge website (http://sudo.co.il/xss/) . This challenges may have different types of solutions. My solutions are not the only one. So, keep searching & keep sharing.

Rogue website to demonstrate CSRF and XSS attacks.

Demonstration examples of XSS attacks