Planet Hacking
Time to put theory into practice. Each lab is an intentionally vulnerable web application. Your goal: achieve XSS.
Lab 01
LinkDrop
Lab 02
PulseBoard
Lab 03
Relay
Tools & Resources
Need an external script file? You can load https://poc.jkbrah.com/p/alert.js as a hosted payload to pop an alert box.
Tool
postMessage Helper
Load a target page via iframe or window.open, then craft and send postMessage payloads to it.