Jump to content

Looking for suggestions on my XSS security area

Satal Keto

Recommended Posts

I run a small website which deals with programming and one of the things that I have produced is a hackable guestbook (XSS only).

Basically you're able to choose the type of php filtering function is performed on the text to be displayed in the guestbook.

This is primarily supposed to be for web developers to allow them to get a better understanding of what can be done against different php filtering functions, but obviously it can also be used by hackers who wish to practice their XSS in a safe and legal place where they can see what attack strings work against which functions.

The posts made on the guestbook can only be viewed by the person who made the post, so there is no problem with people performing XSS against other people on my site.

Anyway to the point of this thread.

I have made this and I was wondering whether anyone would be willing to look at it and give feedback on it, whether it just be that they like the idea or something more in depth, like suggestions on ways to improve it.

My website is at http://www.SatalKeto.co.uk, unfortunately you will need to create a login to use the XSS Area, but this is mostly to do with having a good method of ensuring that you're only going to view posts which you made.

Then you need to click on "Security Areas" in the Navigation bar, then click on "XSS" which as long as you're logged in then you will be able to see a blank guestbook, that you can attack.

The php filtering functions available are in a drop down box at the top of the page.

Anway thank you to anyone who takes the time to look at it in advance

Satal :lol:

P.S. I know that especially the Security Area where the XSS area is listed, the layout isn't 100%, I do plan on fixing that, but I first want to see if people think that its worth keeping first (which I hope you do)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...