Skip to content

Web Security and Exploitation Cross Site Scripting

petcsclub/Hacking

Web Security and Exploitation

petcsclub/Hacking

Home
DevTools Tutorial
SQL Injections
About Us
About Us
- Disclaimer
Cheat Sheet
Cheat Sheet
Resources
Resources
- 1 Introduction to Web Exp
  1 Introduction to Web Exp
- 2 SQLi, LFI and Automating Attacks
  2 SQLi, LFI and Automating Attacks
  - Meeting 2 Labs
- 3 Introduction to Python
  3 Introduction to Python
  - Meeting 3 & 4 Notes
- 6 SQLi and Fuzzing
  6 SQLi and Fuzzing
- 7 XSS
  7 XSS
  - Cross Site Scripting Cross Site Scripting
    Table of contents
    
    Google XSS Challenge
    
    Some advice



Cross Site Scripting¶

Google XSS Challenge¶

Visit: https://xss-game.appspot.com/

Here is a list of all the link:

Level 1: Hello, world of XSS
Level 2: Persistence is key
Level 3: That sinking feeling...
Level 4: Context matters
Level 5: Breaking protocol
Level 6: Follow the 🐇

Some advice¶

Try injecting:

1	<b>Test</b>

What about this?

1	<button onclick="alert(1)">Click Me!</button>

What do you think this will do?

1	<a href="javascript:alert(1)">Click Me!</a>

Hmm this looks suspicious...

1	//www.google.com/jsapi?callback=alert