XSS Playground

Test XSS payloads in a safe environment and see how filters work

XSS Filter Testing

XSS Filter Status

Toggle the filter to see how XSS attacks work

XSS Test Input

Filter is ON - XSS attempts will be blocked

Common XSS Payloads

Click to load different XSS examples and see how they're filtered:

Basic

<script>alert('XSS')</script>

Img Tag

<img src=x onerror="alert('XSS')">

JavaScript

<a href="javascript:alert('XSS')">Click me</a>

Event Handler

<body onload="alert('XSS')">

Encoded

<script>alert('XSS')</script>

Case Variation

<ScRiPt>alert('XSS')</ScRiPt>

About This Playground

What is XSS?

Cross-Site Scripting (XSS) allows attackers to inject malicious scripts into web pages viewed by other users. This playground demonstrates how these attacks work and how to prevent them.

Safe Environment

All code runs in an isolated sandbox with restricted access to browser APIs. Network requests, DOM manipulation, and file system access are blocked.

How It Works

  • Enter or load XSS payloads in the editor
  • Toggle the filter to see protection in action
  • Learn which patterns are dangerous
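
The difference between pattern filtering and output encoding, as an added example that is not the playground's own filter code. It runs the distinct payloads listed above through a weak blocklist and through HTML output encoding; the names naiveBlocklist, escapeHtml, safeHref and the allow-listed URL schemes are assumptions made for illustration.

```javascript
// Added example: weak blocklist vs. output encoding, using only payloads listed on this page.
const PAYLOADS = {
  basic: "<script>alert('XSS')</script>",
  imgTag: `<img src=x onerror="alert('XSS')">`,
  javascript: `<a href="javascript:alert('XSS')">Click me</a>`,
  eventHandler: `<body onload="alert('XSS')">`,
  caseVariation: "<ScRiPt>alert('XSS')</ScRiPt>",
};

// Hypothetical weak filter: strips lower-case <script> tags and nothing else.
function naiveBlocklist(input) {
  return input.replace(/<\/?script>/g, "");
}

// Output encoding for HTML text and quoted-attribute contexts.
const ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(input) {
  return String(input).replace(/[&<>"']/g, (ch) => ENTITIES[ch]);
}

// Encoding does not neutralise a javascript: URL placed in href,
// so user-supplied URLs also need a scheme allow-list (assumed list).
function safeHref(url) {
  try {
    const parsed = new URL(url, "https://example.invalid/");
    return ["http:", "https:", "mailto:"].includes(parsed.protocol) ? url : "#";
  } catch {
    return "#";
  }
}

// True if the string would still be parsed as markup by a browser.
function stillHasMarkup(s) {
  return /<[a-z!\/]/i.test(s);
}

function compare() {
  const rows = {};
  for (const [name, payload] of Object.entries(PAYLOADS)) {
    rows[name] = {
      blocklistLeavesMarkup: stillHasMarkup(naiveBlocklist(payload)),
      encodedLeavesMarkup: stillHasMarkup(escapeHtml(payload)),
    };
  }
  return rows;
}

console.table(compare());
console.log(safeHref("javascript:alert('XSS')"), safeHref("/profile?id=1"));
```

The blocklist only neutralises the basic payload, while encoding at output time renders every payload as inert text regardless of tag, handler, or letter case.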

Educational Purpose

This tool is for learning only. Always implement proper security measures in production applications and never test on systems you don't own.