XSS example for Security 2
Extremely simple example of an XSS attack. This case is used to see security analysis and protocols working in practice.
Installing and Running
Install with npm
npm install
Start two servers: the server hosting the page and a malicious server.
node server/server.js
node attacker/eve.js
Then open a browser, navigate to the webpage on localhost:3000?name=John
and see the name John displayed.
Now perform a penetration test on this application. Try to craft a url and make Eve listen in on the user's credentials!