
🐞 Understand how cross-site scripting occurs and how to detect and exploit XSS vulnerabilities, giving you control of other visitors' browsers.

ShubhamJagtap2000/Cross-site-Scripting

Cross-site-Scripting (XSS) Walkthrough

Purpose of this repository

  1. Understand how cross-site scripting occurs and how to exploit it.
  2. Learn how to detect and exploit XSS vulnerabilities, giving you control of other visitors' browsers.
  3. This repo is open for contributions.

Learning Resources

Table of Contents

1. Introduction to XSS
2. Deploy the Machine

Deploy XSS Playground

3. XSS Payloads

Payload List

4. Stored XSS

Sample Payloads
Stored XSS Approach
Used Payloads
Scripts

5. Reflected XSS

Reflected XSS Approach
Sample Payloads

6. DOM XSS

DOM XSS Approach
Sample Payloads

7. Blind XSS
8. XSS For IP and Port Scanning

Used Scripts

9. Key-Logger With XSS
10. Filter Evasion

Scripts Used

11. Perfecting Your Payload

Level 1
Level 2
Level 3
Level 4
Level 5
Level 6
Payload List

12. Blind XSS Practical

Used Payloads

13. Protection Methods

Escaping
Validating Input
Sanitizing

14. Other Exploits

BeEF Tool

15. Further Learning

Important Links
XSS Reports
TryHackMe Rooms

16. XSS Polyglots
17. QnAs

Please ⭐ this repo if you really find it informative and learnable!