About me
Settings
Info

Hage Yaapa

Seeker of knowledge, hacker of things. Lover of cats. Owner of unmatched enthusiasm.

www.hacksparrow.com
Copyright © 2021 Hage Yaapa

    Subscribe to my newsletter.

    • Home
    • hacking
    • xss
    • vulnerable-apps

    Vulnerable Apps

    If you can recreate it, you understand it. This is a growling list of apps vulnerable to XSS created by hardening the app to various degrees.
    • XSS vulnerable app 000-a

      The most vulnerable app in the world, it will render any input as-such on the screen.

      Sep 25, 2019
    • XSS vulnerable app 000-b

      H4x0ring not allowed! All `script` tags will be removed. Don't even try!

      Sep 25, 2019
    • XSS vulnerable app 000-c

      `script` and `SCRIPT` not allowed!

      Sep 25, 2019
    • XSS vulnerable app 000-d

      Any `script` tags and the likes `SCRIPT`, `sCripT` etc., are filtered using military grade regex.

      Sep 25, 2019
    • XSS vulnerable app 000-e

      Don't you think you can use the `img` tag to sneak in XSS!

      Sep 25, 2019
    • XSS vulnerable app 000-f

      Only white-listed HTML elements are supported because of security concerns.

      Sep 25, 2019
    • XSS vulnerable app 000-g

      Only `br` is supported in this app for security reasons.

      Sep 25, 2019
    1 Next
    Copyright © 2021 Hage Yaapa