Build Content-Security-Policy headers from a JSON file (or build them programmatically)

this repository is a docker containing some "XSS vulnerability" challenges and bypass examples.

PHP Cookie Stealing Scripts for use in XSS

A simple web application to learn about Cross-Site Scripting (XSS)

A PHP application which runs on Heroku and dumps web site outputs including JavaScript generated contents.

It removes all unwanted HTML elements and attributes, no matter how malformed HTML input you give it. Checks on attribute values. Can be used to avoid Cross-Site Scripting (XSS), Buffer Overflows and Denial of Service attacks, among other things.

Vulnerable Web application made with PHP/SQL designed to help new web testers gain some experience and test DAST tools for identifying web vulnerabilities. Containing some of the most well-known vulnerabilities such as SQL, cross-site scripting (XSS), OS command injections, our intention to expand more vulnerabilities for learning purposes.

Explanation of Cross-site Scripting (XSS) with PHP mini project.

Secure login authentication and comment prevention from Cross site scripting ,SQL INJECTION , and session hijacking

arctil vulnerable web application is a sample website built with the purpose of being insecure.

🌐🔒 Evaluating the security (exploiting and fixing vulnerabilities) of Open eClass 2.3 (University of Athens) platform.

Vulnerable codes and their fix in PHP