Web Attacks

What is this repo?

This repository is for educational purpose which showcases some of the famous web related attacks through source code and explanatory README files. Efforts are made to explain the attack with extremely simple examples so that it gives a clear picture of vulnerability.

Which all attacks does it cover?

  • DOM Based XSS
  • Local file inclusion
  • Parameter tampering
  • Reflected XSS
  • Remote code execution
  • Remote file inclusion
  • Unvalidated redirects and forwards

Can I contribute to this project?

Absolutely !! Contributions are welcomed through Pull Requests. But a couple of points before you send your contribution :-

  • The coding style, directory structure, README.md and all other formats should match to the existing style of repository.


This education is for educational purpose only. Developers and contributers of this project will not be responsible for any damage caused directly or indirectly through this project.

Web Attacks




  • 基于DOM的XSS
  • 本地文件包含
  • 参数篡改
  • 反映XSS
  • 远程执行代码
  • 远程文件包含
  • 无效的重定向和转发


绝对!通过拉式请求欢迎捐款。但是在你发送你的贡献之前有几点: -

  • 编码风格,目录结构,README.md和所有其他格式应与存储库的现有样式相匹配。