A lightweight, responsive web app built with AngularJS and Bootstrap 5 that allows users to generate SHA256 hashes from input strings.
A simple XSS payload host for testing and demonstrating stored/reflected XSS using GitHub Pages. Useful for bug bounty & security research.
A websocket chat with intentional security vulnerabilities
A comprehensive browser extension designed for authorized security testing and penetration testing activities. CyberInject provides quick access to common security payloads across multiple vulnerability categories.
A deliberately vulnerable web application built with Node.js, Express, and MySQL for security training. It provides a safe environment to learn about and exploit common web vulnerabilities like SQL Injection, XSS, CSRF, SSRF, and OS Command Injection.
An unsecure by-design PWA that students can analyse with a suite of tools and support to build their understanding of web-based secure software architecture.
XSS Lab by IHA089
📜 Herramienta fuera de línea en el navegador para gestionar cargas útiles de bug bounty. Sin instalar nada: abre el HTML y ya podrás crear, editar o eliminar categorías, agregar reglones con payloads, asignar estados (muy bueno/bueno/medio/débil), filtrar, anotar y copiar.
End-to-end web application security assessment of OWASP Juice Shop, including vulnerability identification, manual exploitation and detailed remediation reports.
A professional web-based security tool designed to detect and prevent Cross-Site Scripting (XSS) vulnerabilities in web applications
A Hands-On DOM Cross-Site Scripting (XSS) Learning Lab
An Advanced Web Application Firewall that protects against threats like SQL injection and XSS by filtering HTTP traffic. It combines signature-based detection and machine learning-based anomaly detection to identify obfuscated, zero-day, and unknown attacks through behavioral analysis.
This is an intentionally vuln webpage designed to practice XSS.
Automatically exported from code.google.com/p/domxsswiki .
XSS PoC/Exploit for Redactor JS 4 and prior.
XSS PoC/Exploit for Redactor JS 3 and prior.
A deliberately insecure web app to practice exploiting real-world vulnerabilities like SQL Injection, XSS, CSRF, IDOR, and more. Ideal for ethical hacking, CTF prep, and cybersecurity learning.
Hands-on Vulnerability Assessment & Pentesting Lab using DVWA hosted on Metasploitable and attacked from Kali Linux. Simulates OWASP Top 10 web vulnerabilities like SQLi, XSS, CSRF, and more using real-world tools such as SQLmap, Hydra, Burp Suite, and manual exploitation. Includes report, screenshots, and attack walkthroughs.
About This is a repo of my solution of one XSS challenge website (http://sudo.co.il/xss/) . This challenges may have different types of solutions. My solutions are not the only one. So, keep searching & keep sharing.
Add a description, image, and links to the xss topic page so that developers can more easily learn about it.
To associate your repository with the xss topic, visit your repo's landing page and select "manage topics."