Cross-site scripting labs for web application security enthusiasts
~ Chall 1 | URL ~ Chall 2 | Form ~ Chall 3 | User-Agent ~ Chall 4 | Referrer ~ Chall 5 | Cookie ~ Chall 6 | LocalStorage ~ Chall 7 | Login Page ~ Chall 8 | File Upload ~ Chall 9 | Base64 Encoding ~ Chall 10 | Removes Alert ~ Chall 11 | Removes Script ~ Chall 12 | Preg_replace ~ Chall 13 | HTML Entities ~ Chall 14 | Regex Filter #1 ~ Chall 15 | Regex Filter #2 ~ Chall 16 | Regex Filter #3 ~ Chall 17 | HTML Entities + URL Encode ~ Chall 18 | HTML Entities #2 (Special Character) ~ Chall 19 | HTML Entities #3 (Input Value) ~ Chall 20 | HTML Entities #4 (Input Value + Capitalizes)
- Run your web server (XAMPP / LAMPP)
- Clone the repository and put the files in the /htdocs/xss-labs
- You can akses http://localhost:8080/xss-labs
- Happy Hacking ^_^
To run this image you need docker installed. Just run the command:
docker run --name web-ctf -d -it -p 80:80 hightechsec/xsslabs
- Clone this repo (
git clone https://github.com/tegal1337/0l4bs) - Then run
docker build -t "xsslabs" .and wait untill it's done - If the build is clear, run this command
docker run --name web-ctf -d -it -p 80:80 xsslabs
0l4bs XSS Labs (https://tegalsec.org/0l4bs-cross-site-scripting-labs-for-web-application-security-enthusiasts/)
跨站脚本攻击实验室:0l4bs (https://zhuanlan.zhihu.com/p/108023848)
0l4bs XSS实验 (https://icssec.club/2020/02/25/0l4bs-XSS/)
Kitploit (https://www.kitploit.com/2020/02/0l4bs-cross-site-scripting-labs-for-web.html?m=0)
