Skip to content

paralax/xss-labs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits

ATTR-1

ATTR-1

 
 

PERSIST-1

PERSIST-1

 
 

common

common

 
 

.dockerignore

.dockerignore

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

docker-compose.yml

docker-compose.yml

 
 

index.php

index.php

 
 

Repository files navigation

xss-labs

small set of PHP scripts to practice exploiting XSS and CSRF injection vulns

why?

for training and testing purposes. you can test detection products (e.g. vulnerability scanners), exploit tools, etc.

these are NOT intended for evaluating appsec testing tools.

the idea is that you'd add these to an Apache VirtualHost directive for testing purposes. if you need to do some quick and dirty testing, fire up php -S 0.0.0.0:8080 or something and go to town. Or you can use the Dockerfile.

who?

jose nazario @jnazario

inspired by

https://github.com/AUDI-1/sqli-labs

useful links

XSS

SSRF

About

small set of scripts to practice exploit XSS and CSRF vulnerabilities

Resources

Readme

License

MIT license
Activity

Stars

55 stars

Watchers

6 watching

Forks

27 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages