search

Abhi-M / alert-labs

Cross-site scripting labs for web application security enthusiasts
https://exploitme.info/alert-labs/
Apache License 2.0
9 stars 2 forks source link

Add BlindXSS #1

Open ghost opened 5 years ago

ghost commented 5 years ago

Can you add a blind xss lab. ie exploiting via User-Agent,Referer and Custom header

Abhi-M commented 5 years ago

Thanks for the suggestion, buddy. Super happy to see that :) Alert lab 3 and 4 are reflected XSS through user-agent and referrer respectively. Blind xss and xss-through-custom-header sounds great. I will add both of them to the 'to do' list.