GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → tegal1337 → 0l4bs

tegal1337 / 0l4bs

Licence: gpl-3.0
Cross-site scripting labs for web application security enthusiasts

Labels

bugbountyxss

Projects that are alternatives of or similar to 0l4bs

Findom Xss
A fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (+160.5%)
Mutual labels:  xss, bugbounty
Android Reports And Resources
A big list of Android Hackerone disclosed reports and other resources.
Stars: ✭ 590 (+395.8%)
Mutual labels:  xss, bugbounty
Bxss
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Stars: ✭ 331 (+178.15%)
Mutual labels:  xss, bugbounty
Gxss
A tool to check a bunch of URLs that contain reflecting params.
Stars: ✭ 115 (-3.36%)
Mutual labels:  xss, bugbounty
Quickxss
Automating XSS using Bash
Stars: ✭ 113 (-5.04%)
Mutual labels:  xss, bugbounty
Eagle
Multithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities
Stars: ✭ 85 (-28.57%)
Mutual labels:  xss, bugbounty
Xspear
Powerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+389.92%)
Mutual labels:  xss, bugbounty
vaf
Vaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+147.06%)
Mutual labels:  xss, bugbounty
Tiny Xss Payloads
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Stars: ✭ 975 (+719.33%)
Mutual labels:  xss, bugbounty
Blackwidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+645.38%)
Mutual labels:  xss, bugbounty
PastebinMarkdownXSS
XSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (-29.41%)
Mutual labels:  xss, bugbounty
Ezxss
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+758.82%)
Mutual labels:  xss, bugbounty
XSS-Payload-without-Anything
XSS Payload without Anything.
Stars: ✭ 74 (-37.82%)
Mutual labels:  xss, bugbounty
Resources
No description or website provided.
Stars: ✭ 38 (-68.07%)
Mutual labels:  xss, bugbounty
xssfinder
Toolset for detecting reflected xss in websites
Stars: ✭ 105 (-11.76%)
Mutual labels:  xss, bugbounty
Hackerone Reports
Top disclosed reports from HackerOne
Stars: ✭ 458 (+284.87%)
Mutual labels:  xss, bugbounty
Xss Payload List
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+2099.16%)
Mutual labels:  xss, bugbounty
Dalfox
🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Stars: ✭ 791 (+564.71%)
Mutual labels:  xss, bugbounty
Reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+718.49%)
Mutual labels:  xss, bugbounty
Cazador unr
Hacking tools
Stars: ✭ 95 (-20.17%)
Mutual labels:  xss, bugbounty
View All Similar Projects ➔

0l4bs

Screenshoot
Cross-site scripting labs for web application security enthusiasts

List of Chall :

~ Chall 1 | URL
~ Chall 2 | Form
~ Chall 3 | User-Agent
~ Chall 4 | Referrer
~ Chall 5 | Cookie
~ Chall 6 | LocalStorage
~ Chall 7 | Login Page
~ Chall 8 | File Upload
~ Chall 9 | Base64 Encoding
~ Chall 10 | Removes Alert
~ Chall 11 | Removes Script
~ Chall 12 | Preg_replace
~ Chall 13 | HTML Entities
~ Chall 14 | Regex Filter #1
~ Chall 15 | Regex Filter #2
~ Chall 16 | Regex Filter #3
~ Chall 17 | HTML Entities + URL Encode
~ Chall 18 | HTML Entities #2 (Special Character)
~ Chall 19 | HTML Entities #3 (Input Value)
~ Chall 20 | HTML Entities #4 (Input Value + Capitalizes)

Screenshot :

Screenshoot
Screenshoot

Instalation :

  • Run your web server (XAMPP / LAMPP)
  • Clone the repository and put the files in the /htdocs/xss-labs
  • You can akses http://localhost:8080/xss-labs
  • Happy Hacking ^_^

Run this image

To run this image you need docker installed. Just run the command:

docker run --name web-ctf -d -it -p 80:80 hightechsec/xsslabs

Deploy Manually Docker image

  • Clone this repo (git clone https://github.com/tegal1337/0l4bs)
  • Then run docker build -t "xsslabs" . and wait untill it's done
  • If the build is clear, run this command docker run --name web-ctf -d -it -p 80:80 xsslabs

Write Up / Articles

0l4bs XSS Labs (https://blog.tegalsec.org/2020/10/0l4bs-cross-site-scripting-labs-for-web.html)
跨站脚本攻击实验室:0l4bs (https://zhuanlan.zhihu.com/p/108023848)
0l4bs XSS实验 (https://icssec.club/2020/02/25/0l4bs-XSS/)
Kitploit (https://www.kitploit.com/2020/02/0l4bs-cross-site-scripting-labs-for-web.html?m=0)

Support our organization by giving donations

Foo

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].