Challenge 1 Complete!

Well done! Whilst a developer commenting about hard coded credentials is unlikely, there may be things that give away details about the implementation.

Challenge 2: XSS

For this exercise you will practice making a XSS (Cross-Site Scripting) attack.

In really simple terms, XSS involves entering data containing Javascript. Don't worry if you don't know javascript, injection or similar concepts. To start with try copy-pasting each of the below in turn into the text field.

1. XSS
2. <b>XSS</b>
3. <script>alert('XSS')</script>

Challenge

What type of attack are we trying?

Enter your attack into the form to practice XSS