XSS Introduction

This is a simple online explaination of XSS attacks designed to allow people to see in a hands on manner.

It is interactive so that people can see the effects in real time, and to be simpler to follow.

  1. Introduction: Setup the cookie
  2. Simple cookie stealing
  3. Basic filtered input
  4. Evading simple filtering
  5. I can run script, what now?
  6. Protecting against these attacks


This is intentionally a very simple set of "lessons", and I'm glossing over a lot.

Any comments are welcome though - mail me if you wish - though if you ask for help in "Hacking websites" I'll ignore you, as you've obviously missed the point.