Public Repository

Last pushed: a month ago
Short Description
This project is a web application xss(Cross Site Scripting ) security training platform.
Full Description

XssLearner

This project is a web application xss(Cross Site Scripting ) security training platform. XssLearner gives the opportunity to try out different type of xss attacks and follow up the necessary actions to prevent from hacking and to make sure the softwares are secure. Download Docker There is also a docker image available from Dockerhub you can pull it down with

docker pull nadeeshani/xsslearner

Then run,

docker run --rm -p 8080:8080 nadeeshani/xsslearner

What is the content?
XSS learner can be used to try out some common xss(cross site scripting) attacks, such as,

1. HTML element content Attack.

      <div>userInput</div>

2. HTML attribute value Attack.

      <input value="userInput">

3. JavaScript value Attack.

      js Method("userInput")

4. URL query value Attack.

     <img src ="userInput">

     <a href="userInput">

5. DOM based Attack.

     <div>userInput</div>

Then follow up the security guidelines to prevent each type of attacks by using OWASP Java Encoder .

XssLearner gives the opportunity to attack to a vulnerable code. Then it shows the secure way to follow when develop the software.

Docker Pull Command
Owner
nadeeshani

Comments (0)