ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

Cross-site scripting labs for web application security enthusiasts

this repository is a docker containing some "XSS vulnerability" challenges and bypass examples.

Make XSS Great Again

A PHP script to run on your server to grab cookies through xss

The PHP cookie stealer is a tool that can be used in penetration testing (XSS attacks) to steal browser cookies for poc.

Detector of DOM based XSS

Online service application for book trading. Application was originally developed for 'Web Technologies' course @ETF_Sarajevo. After that, I have created XSS and CSRF omissions in the application in order to present how are mentioned attacks done on the web application.

Penetration testing of an old and vulnerable version of our university's web portal. Threats considered were XSS attacks, CSRF's, RFI's and SQLi's.

Beyond the alert() se trata de um projeto pessoal para contribuir com o mindset hacking compartilhando meus 10 centavos com a comunidade.

Displaying some xss vulnerabilities on the average PHP website.

🔐 Site seguro à ataques SQL INJECTION e XSS

A simple PHP application demonstrating a Stored Cross-Site Scripting (XSS) vulnerability. This project features a comment box where users can submit comments that are stored in a MySQL database and displayed on the page.

An intentionally vulnerable ecommerce website project built with PHP and MySQL for educational and ethical hacking purposes. This project is designed to help security enthusiasts and penetration testers learn and practice web application security testing in a safe and legal environment.

This website is vulnerable in XSS(Cross-Site Scripting).The user input from the comment section is not validated and sanitized.Due to that, XSS scripts(Javascript codes in usual) can be included in the comments.

An XSS attack technique caused by switching the character encoding of web browser rendering.