Build Content-Security-Policy headers from a JSON file (or build them programmatically)

An XSS Exploitation Tool

this repository is a docker containing some "XSS vulnerability" challenges and bypass examples.

PHP Cookie Stealing Scripts for use in XSS

A simple web application to learn about Cross-Site Scripting (XSS)

A PHP application which runs on Heroku and dumps web site outputs including JavaScript generated contents.

Vulnerable Web application made with PHP/SQL designed to help new web testers gain some experience and test DAST tools for identifying web vulnerabilities. Containing some of the most well-known vulnerabilities such as SQL, cross-site scripting (XSS), OS command injections, our intention to expand more vulnerabilities for learning purposes.

It removes all unwanted HTML elements and attributes, no matter how malformed HTML input you give it. Checks on attribute values. Can be used to avoid Cross-Site Scripting (XSS), Buffer Overflows and Denial of Service attacks, among other things.

Explanation of Cross-site Scripting (XSS) with PHP mini project.

Secure login authentication and comment prevention from Cross site scripting ,SQL INJECTION , and session hijacking

arctil vulnerable web application is a sample website built with the purpose of being insecure.

🌐🔒 Evaluating the security (exploiting and fixing vulnerabilities) of Open eClass 2.3 (University of Athens) platform.

This project is for demonstration of SQL injection and Cross Site Scripting (XSS) attack on the inventory managment website and then also a secure version of the website to prevent the attack

This website contains multiple demonstrations of security in information systems. The goal is to spark interest in information systems and a curious desire to learn in the students.

Vulnerable codes and their fix in PHP