Skills
.Work. You
Rest

Cross-Site_Scripting

Community

Identify, exploit, and defend against XSS.

Education & Research#xss#web-security#penetration-testing#payload#vulnerability-assessment#session-hijacking#lab-training
AuthorAnchovy317
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill helps security testers identify and understand XSS vulnerabilities in web applications by guiding them through discovery, payload construction, and verification in a controlled lab environment.

Core Features & Use Cases

  • XSS discovery: Locate user-input fields susceptible to Stored, Reflected, and DOM-based XSS.
  • Payload exploitation: Craft and deploy payloads to execute JavaScript in the victim's browser.
  • Session hijacking demo: Demonstrate how stolen cookies can be captured and used in an attack workflow for training purposes.
  • Preventive guidance: Document defensive practices and suggested mitigations for developers.

Quick Start

Start the lab server, connect to the VPN, and navigate to the lab's assessment pages. Identify a vulnerable input field, inject a working XSS payload to trigger JavaScript, and then perform a basic session-hijacking test by attempting to capture cookies with a payload. Record findings and reference mitigation steps for future fixes.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: Cross-Site_Scripting
Download link: https://github.com/Anchovy317/CBBH/archive/main.zip#cross-site-scripting

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.