XSS Training Platform

Master Cross-Site Scripting through hands-on labs designed to challenge and enhance your web application security skills.

92

Labs Available

4

XSS Categories

3

Difficulty Levels

100%

Hands-On

XSS Introduction Categories

📚

XSS Theory & Fundamentals

Learn the core concepts and types of Cross-Site Scripting vulnerabilities

XSS Lab Categories

🚀

Fundamental XSS Warmups

A fast on-ramp before you dive into the bootcamps

1 Lab 1: Simple input reflection Low
2 Lab 2: Basic attribute context Low

🔓

Reflected XSS Bootcamp

Instant Payload Challenges

🛡️

Reflected XSS Bootcamp No Hints

Instant Payload Challenges

💾

Stored XSS Workshop

Persistent Attack Scenarios

1 Lab 1: Comment board payload storage Medium
2 Lab 2: Guestbook payload replay Medium
3 Lab 3: Persistent payload across profiles Medium
4 Lab 4: Multi-field storage vectors Medium
5 Lab 5: Escalating stored payload Medium
6 Real-World 1: Bulletin board compromise High
7 Real-World 2: Admin panel takeover High
8 Real-World 3: Notification feed poison High
9 Real-World 4: Helpdesk ticket pivot High
10 Real-World 5: Cross-account persistence High

🪞

Self XSS Arena

Social engineering meets client-side scripting

1 Lab 1: Console injection bait Low
2 Lab 2: Clipboard assisted payload Low
3 Lab 3: Chat window lure Low
4 Lab 4: Copy/paste payload delivery Low
5 Lab 5: Convincing phishing scenario Medium

🌐

DOM XSS Laboratory

Client-Side Manipulation Labs

1 Lab 1: URL fragment sink discovery Medium
2 Lab 2: Query parameter DOM sync Medium
3 Lab 3: Hash-based router bypass Medium
4 Lab 4: Dangerous innerHTML assignment Medium
5 Lab 5: Template literal gadget chain High

🎯

Blind XSS Range

Out-of-Band Detection Challenges