KrazePlanetLabs Academy
Interactive web security training. Solve realistic vulnerabilities and level up your hacking skills.
Cross-Site Scripting (XSS)
LAB
EASY
Reflected XSS into HTML context with nothing encoded
ACCESS THE LAB
LAB
EASY
Reflected XSS - Alternative Context
ACCESS THE LAB
LAB
MEDIUM
Self XSS using POST variables
ACCESS THE LAB
LAB
MEDIUM
Stored XSS - Profile Settings reflection
ACCESS THE LAB
LAB
MEDIUM
Stored XSS - Avatar Upload filename reflection
ACCESS THE LAB
LAB
HARD
DOM XSS - Client-side source to sink extraction
ACCESS THE LAB
LAB
HARD
Blind XSS - Out-of-band detection
ACCESS THE LAB
Remote Code Execution (RCE)
LAB
MEDIUM
OS Command Injection - Simple Ping
ACCESS THE LAB
LAB
HARD
OS Command Injection - Blind Time-based
ACCESS THE LAB