├── .gitattributes
├── .gitignore
├── README.md
├── payloads
    ├── jquery-3.3.1.min.js
    ├── test.js
    └── test.txt
├── targets
    ├── api.weakco.vlab
    │   ├── client
    │   │   ├── app.html
    │   │   └── jquery-3.3.1.min.js
    │   ├── config
    │   │   └── db.js
    │   ├── controllers
    │   │   ├── account.js
    │   │   ├── company.js
    │   │   ├── cookieAuth.js
    │   │   └── user.js
    │   ├── index.js
    │   ├── middleware
    │   │   ├── cookieSessionBouncer.js
    │   │   └── cookieSessionLoader.js
    │   ├── models
    │   │   └── User.js
    │   ├── package.json
    │   ├── routes
    │   │   ├── admin.js
    │   │   └── v1.js
    │   └── yarn.lock
    ├── cors.dem
    │   ├── Cors.dem.postman_collection.json
    │   ├── client
    │   │   ├── css
    │   │   │   ├── bulma.css
    │   │   │   ├── bulma.css.map
    │   │   │   └── bulma.min.css
    │   │   ├── index.html
    │   │   └── js
    │   │   │   ├── popper.min.js
    │   │   │   └── tippy.min.js
    │   ├── index.js
    │   ├── package.json
    │   ├── server
    │   │   ├── config
    │   │   │   └── db.js
    │   │   ├── controllers
    │   │   │   ├── cookieAuth.js
    │   │   │   └── data.js
    │   │   ├── middleware
    │   │   │   ├── cookieSessionBouncer.js
    │   │   │   └── cookieSessionLoader.js
    │   │   └── routes
    │   │   │   ├── auth.js
    │   │   │   ├── pattern.js
    │   │   │   ├── reflect.js
    │   │   │   └── sop.js
    │   └── yarn.lock
    ├── evilhacker.vlab
    │   ├── index.js
    │   ├── package.json
    │   └── yarn.lock
    ├── help.vlab
    │   ├── index.js
    │   ├── package.json
    │   ├── public
    │   │   ├── assets
    │   │   │   ├── css
    │   │   │   │   ├── bulma.css
    │   │   │   │   ├── bulma.css.map
    │   │   │   │   ├── bulma.min.css
    │   │   │   │   └── fontawesome-all.min.css
    │   │   │   ├── images
    │   │   │   │   ├── lock.png
    │   │   │   │   └── mic.jpg
    │   │   │   ├── js
    │   │   │   │   └── fontawesome-all.min.js
    │   │   │   └── webfonts
    │   │   │   │   ├── fa-brands-400.eot
    │   │   │   │   ├── fa-brands-400.svg
    │   │   │   │   ├── fa-brands-400.ttf
    │   │   │   │   ├── fa-brands-400.woff
    │   │   │   │   ├── fa-brands-400.woff2
    │   │   │   │   ├── fa-regular-400.eot
    │   │   │   │   ├── fa-regular-400.svg
    │   │   │   │   ├── fa-regular-400.ttf
    │   │   │   │   ├── fa-regular-400.woff
    │   │   │   │   ├── fa-regular-400.woff2
    │   │   │   │   ├── fa-solid-900.eot
    │   │   │   │   ├── fa-solid-900.svg
    │   │   │   │   ├── fa-solid-900.ttf
    │   │   │   │   ├── fa-solid-900.woff
    │   │   │   │   └── fa-solid-900.woff2
    │   │   ├── codeground.html
    │   │   ├── codeground
    │   │   │   ├── codeground-script.js
    │   │   │   ├── codeground-style.css
    │   │   │   ├── codeground.min.css
    │   │   │   └── codeground.min.js
    │   │   ├── handouts
    │   │   │   ├── JavaScript_Basics.html
    │   │   │   ├── JavaScript_Basics.md
    │   │   │   ├── JavaScript_HTTP.html
    │   │   │   ├── JavaScript_HTTP.md
    │   │   │   ├── Lab1_CORSI.html
    │   │   │   ├── Lab1_CORSI.md
    │   │   │   ├── Lab2_CORSII.html
    │   │   │   ├── Lab2_CORSII.md
    │   │   │   ├── Lab3_CSRFI.html
    │   │   │   ├── Lab3_CSRFI.md
    │   │   │   ├── Lab4_CSRFII.html
    │   │   │   ├── Lab4_CSRFII.md
    │   │   │   ├── Lab5_CSRFIII.html
    │   │   │   ├── Lab5_CSRFIII.md
    │   │   │   ├── Lab6_CSRF_CJ.html
    │   │   │   ├── Lab6_CSRF_CJ.md
    │   │   │   ├── Offensive_CSS.html
    │   │   │   ├── Offensive_CSS.md
    │   │   │   ├── Outline.md
    │   │   │   ├── The_DOM.html
    │   │   │   └── The_DOM.md
    │   │   ├── handoutviewer.html
    │   │   └── index.html
    │   └── yarn.lock
    └── www.weakco.vlab
    │   ├── data
    │       └── db.js
    │   ├── index.js
    │   ├── middleware
    │       └── requireauth.js
    │   ├── package-lock.json
    │   ├── package.json
    │   ├── public
    │       ├── css
    │       │   ├── bootstrap-responsive.css
    │       │   ├── bootstrap-responsive.min.css
    │       │   ├── bootstrap.css
    │       │   └── bootstrap.min.css
    │       ├── helloworld.html
    │       ├── img
    │       │   ├── glyphicons-halflings-white.png
    │       │   └── glyphicons-halflings.png
    │       └── js
    │       │   ├── bootstrap.js
    │       │   ├── bootstrap.min.js
    │       │   └── jquery.js
    │   ├── routes
    │       └── unauthenticated.js
    │   ├── session-store.db
    │   ├── views
    │       ├── balance.ejs
    │       ├── confirmTransfer.ejs
    │       ├── confirmemail.ejs
    │       ├── email.ejs
    │       ├── helloWorld.ejs
    │       ├── landing.ejs
    │       ├── login.ejs
    │       ├── partials
    │       │   ├── footer.ejs
    │       │   ├── headassets.ejs
    │       │   └── topnav.ejs
    │       ├── profile.ejs
    │       └── transfer.ejs
    │   └── yarn.lock
└── vagrant
    ├── .gitignore
    ├── Vagrantfile
    ├── finalize.sh
    ├── generators
        ├── gen_burp_conf.sh
        └── gen_nginx_conf.sh
    └── provision.sh


/.gitattributes:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/.gitattributes


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/.gitignore


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/README.md


--------------------------------------------------------------------------------
/payloads/jquery-3.3.1.min.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/payloads/jquery-3.3.1.min.js


--------------------------------------------------------------------------------
/payloads/test.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/payloads/test.js


--------------------------------------------------------------------------------
/payloads/test.txt:
--------------------------------------------------------------------------------
1 | helloworld
2 | 


--------------------------------------------------------------------------------
/targets/api.weakco.vlab/client/app.html:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/api.weakco.vlab/client/app.html


--------------------------------------------------------------------------------
/targets/api.weakco.vlab/client/jquery-3.3.1.min.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/api.weakco.vlab/client/jquery-3.3.1.min.js


--------------------------------------------------------------------------------
/targets/api.weakco.vlab/config/db.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/api.weakco.vlab/config/db.js


--------------------------------------------------------------------------------
/targets/api.weakco.vlab/controllers/account.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/api.weakco.vlab/controllers/account.js


--------------------------------------------------------------------------------
/targets/api.weakco.vlab/controllers/company.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/api.weakco.vlab/controllers/company.js


--------------------------------------------------------------------------------
/targets/api.weakco.vlab/controllers/cookieAuth.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/api.weakco.vlab/controllers/cookieAuth.js


--------------------------------------------------------------------------------
/targets/api.weakco.vlab/controllers/user.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/api.weakco.vlab/controllers/user.js


--------------------------------------------------------------------------------
/targets/api.weakco.vlab/index.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/api.weakco.vlab/index.js


--------------------------------------------------------------------------------
/targets/api.weakco.vlab/middleware/cookieSessionBouncer.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/api.weakco.vlab/middleware/cookieSessionBouncer.js


--------------------------------------------------------------------------------
/targets/api.weakco.vlab/middleware/cookieSessionLoader.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/api.weakco.vlab/middleware/cookieSessionLoader.js


--------------------------------------------------------------------------------
/targets/api.weakco.vlab/models/User.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/api.weakco.vlab/models/User.js


--------------------------------------------------------------------------------
/targets/api.weakco.vlab/package.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/api.weakco.vlab/package.json


--------------------------------------------------------------------------------
/targets/api.weakco.vlab/routes/admin.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/api.weakco.vlab/routes/admin.js


--------------------------------------------------------------------------------
/targets/api.weakco.vlab/routes/v1.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/api.weakco.vlab/routes/v1.js


--------------------------------------------------------------------------------
/targets/api.weakco.vlab/yarn.lock:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/api.weakco.vlab/yarn.lock


--------------------------------------------------------------------------------
/targets/cors.dem/Cors.dem.postman_collection.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/cors.dem/Cors.dem.postman_collection.json


--------------------------------------------------------------------------------
/targets/cors.dem/client/css/bulma.css:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/cors.dem/client/css/bulma.css


--------------------------------------------------------------------------------
/targets/cors.dem/client/css/bulma.css.map:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/cors.dem/client/css/bulma.css.map


--------------------------------------------------------------------------------
/targets/cors.dem/client/css/bulma.min.css:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/cors.dem/client/css/bulma.min.css


--------------------------------------------------------------------------------
/targets/cors.dem/client/index.html:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/cors.dem/client/index.html


--------------------------------------------------------------------------------
/targets/cors.dem/client/js/popper.min.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/cors.dem/client/js/popper.min.js


--------------------------------------------------------------------------------
/targets/cors.dem/client/js/tippy.min.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/cors.dem/client/js/tippy.min.js


--------------------------------------------------------------------------------
/targets/cors.dem/index.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/cors.dem/index.js


--------------------------------------------------------------------------------
/targets/cors.dem/package.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/cors.dem/package.json


--------------------------------------------------------------------------------
/targets/cors.dem/server/config/db.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/cors.dem/server/config/db.js


--------------------------------------------------------------------------------
/targets/cors.dem/server/controllers/cookieAuth.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/cors.dem/server/controllers/cookieAuth.js


--------------------------------------------------------------------------------
/targets/cors.dem/server/controllers/data.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/cors.dem/server/controllers/data.js


--------------------------------------------------------------------------------
/targets/cors.dem/server/middleware/cookieSessionBouncer.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/cors.dem/server/middleware/cookieSessionBouncer.js


--------------------------------------------------------------------------------
/targets/cors.dem/server/middleware/cookieSessionLoader.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/cors.dem/server/middleware/cookieSessionLoader.js


--------------------------------------------------------------------------------
/targets/cors.dem/server/routes/auth.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/cors.dem/server/routes/auth.js


--------------------------------------------------------------------------------
/targets/cors.dem/server/routes/pattern.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/cors.dem/server/routes/pattern.js


--------------------------------------------------------------------------------
/targets/cors.dem/server/routes/reflect.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/cors.dem/server/routes/reflect.js


--------------------------------------------------------------------------------
/targets/cors.dem/server/routes/sop.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/cors.dem/server/routes/sop.js


--------------------------------------------------------------------------------
/targets/cors.dem/yarn.lock:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/cors.dem/yarn.lock


--------------------------------------------------------------------------------
/targets/evilhacker.vlab/index.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/evilhacker.vlab/index.js


--------------------------------------------------------------------------------
/targets/evilhacker.vlab/package.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/evilhacker.vlab/package.json


--------------------------------------------------------------------------------
/targets/evilhacker.vlab/yarn.lock:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/evilhacker.vlab/yarn.lock


--------------------------------------------------------------------------------
/targets/help.vlab/index.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/index.js


--------------------------------------------------------------------------------
/targets/help.vlab/package.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/package.json


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/css/bulma.css:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/css/bulma.css


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/css/bulma.css.map:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/css/bulma.css.map


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/css/bulma.min.css:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/css/bulma.min.css


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/css/fontawesome-all.min.css:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/css/fontawesome-all.min.css


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/images/lock.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/images/lock.png


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/images/mic.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/images/mic.jpg


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/js/fontawesome-all.min.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/js/fontawesome-all.min.js


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/webfonts/fa-brands-400.eot:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/webfonts/fa-brands-400.eot


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/webfonts/fa-brands-400.svg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/webfonts/fa-brands-400.svg


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/webfonts/fa-brands-400.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/webfonts/fa-brands-400.ttf


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/webfonts/fa-brands-400.woff:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/webfonts/fa-brands-400.woff


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/webfonts/fa-brands-400.woff2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/webfonts/fa-brands-400.woff2


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/webfonts/fa-regular-400.eot:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/webfonts/fa-regular-400.eot


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/webfonts/fa-regular-400.svg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/webfonts/fa-regular-400.svg


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/webfonts/fa-regular-400.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/webfonts/fa-regular-400.ttf


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/webfonts/fa-regular-400.woff:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/webfonts/fa-regular-400.woff


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/webfonts/fa-regular-400.woff2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/webfonts/fa-regular-400.woff2


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/webfonts/fa-solid-900.eot:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/webfonts/fa-solid-900.eot


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/webfonts/fa-solid-900.svg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/webfonts/fa-solid-900.svg


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/webfonts/fa-solid-900.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/webfonts/fa-solid-900.ttf


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/webfonts/fa-solid-900.woff:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/webfonts/fa-solid-900.woff


--------------------------------------------------------------------------------
/targets/help.vlab/public/assets/webfonts/fa-solid-900.woff2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/assets/webfonts/fa-solid-900.woff2


--------------------------------------------------------------------------------
/targets/help.vlab/public/codeground.html:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/codeground.html


--------------------------------------------------------------------------------
/targets/help.vlab/public/codeground/codeground-script.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/codeground/codeground-script.js


--------------------------------------------------------------------------------
/targets/help.vlab/public/codeground/codeground-style.css:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/codeground/codeground-style.css


--------------------------------------------------------------------------------
/targets/help.vlab/public/codeground/codeground.min.css:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/codeground/codeground.min.css


--------------------------------------------------------------------------------
/targets/help.vlab/public/codeground/codeground.min.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/codeground/codeground.min.js


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/JavaScript_Basics.html:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/JavaScript_Basics.html


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/JavaScript_Basics.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/JavaScript_Basics.md


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/JavaScript_HTTP.html:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/JavaScript_HTTP.html


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/JavaScript_HTTP.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/JavaScript_HTTP.md


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/Lab1_CORSI.html:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/Lab1_CORSI.html


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/Lab1_CORSI.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/Lab1_CORSI.md


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/Lab2_CORSII.html:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/Lab2_CORSII.html


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/Lab2_CORSII.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/Lab2_CORSII.md


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/Lab3_CSRFI.html:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/Lab3_CSRFI.html


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/Lab3_CSRFI.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/Lab3_CSRFI.md


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/Lab4_CSRFII.html:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/Lab4_CSRFII.html


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/Lab4_CSRFII.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/Lab4_CSRFII.md


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/Lab5_CSRFIII.html:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/Lab5_CSRFIII.html


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/Lab5_CSRFIII.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/Lab5_CSRFIII.md


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/Lab6_CSRF_CJ.html:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/Lab6_CSRF_CJ.html


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/Lab6_CSRF_CJ.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/Lab6_CSRF_CJ.md


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/Offensive_CSS.html:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/Offensive_CSS.html


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/Offensive_CSS.md:
--------------------------------------------------------------------------------
1 | <!-- Not yet ready -->


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/Outline.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/Outline.md


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/The_DOM.html:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/The_DOM.html


--------------------------------------------------------------------------------
/targets/help.vlab/public/handouts/The_DOM.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/handouts/The_DOM.md


--------------------------------------------------------------------------------
/targets/help.vlab/public/handoutviewer.html:
--------------------------------------------------------------------------------
1 | 


--------------------------------------------------------------------------------
/targets/help.vlab/public/index.html:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/public/index.html


--------------------------------------------------------------------------------
/targets/help.vlab/yarn.lock:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/help.vlab/yarn.lock


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/data/db.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/data/db.js


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/index.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/index.js


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/middleware/requireauth.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/middleware/requireauth.js


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/package-lock.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/package-lock.json


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/package.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/package.json


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/public/css/bootstrap-responsive.css:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/public/css/bootstrap-responsive.css


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/public/css/bootstrap-responsive.min.css:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/public/css/bootstrap-responsive.min.css


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/public/css/bootstrap.css:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/public/css/bootstrap.css


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/public/css/bootstrap.min.css:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/public/css/bootstrap.min.css


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/public/helloworld.html:
--------------------------------------------------------------------------------
1 | Hello World
2 | 


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/public/img/glyphicons-halflings-white.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/public/img/glyphicons-halflings-white.png


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/public/img/glyphicons-halflings.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/public/img/glyphicons-halflings.png


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/public/js/bootstrap.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/public/js/bootstrap.js


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/public/js/bootstrap.min.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/public/js/bootstrap.min.js


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/public/js/jquery.js:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/public/js/jquery.js


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/routes/unauthenticated.js:
--------------------------------------------------------------------------------
1 | 


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/session-store.db:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/session-store.db


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/views/balance.ejs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/views/balance.ejs


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/views/confirmTransfer.ejs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/views/confirmTransfer.ejs


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/views/confirmemail.ejs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/views/confirmemail.ejs


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/views/email.ejs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/views/email.ejs


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/views/helloWorld.ejs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/views/helloWorld.ejs


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/views/landing.ejs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/views/landing.ejs


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/views/login.ejs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/views/login.ejs


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/views/partials/footer.ejs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/views/partials/footer.ejs


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/views/partials/headassets.ejs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/views/partials/headassets.ejs


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/views/partials/topnav.ejs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/views/partials/topnav.ejs


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/views/profile.ejs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/views/profile.ejs


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/views/transfer.ejs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/views/transfer.ejs


--------------------------------------------------------------------------------
/targets/www.weakco.vlab/yarn.lock:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/targets/www.weakco.vlab/yarn.lock


--------------------------------------------------------------------------------
/vagrant/.gitignore:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/vagrant/.gitignore


--------------------------------------------------------------------------------
/vagrant/Vagrantfile:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/vagrant/Vagrantfile


--------------------------------------------------------------------------------
/vagrant/finalize.sh:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/vagrant/finalize.sh


--------------------------------------------------------------------------------
/vagrant/generators/gen_burp_conf.sh:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/vagrant/generators/gen_burp_conf.sh


--------------------------------------------------------------------------------
/vagrant/generators/gen_nginx_conf.sh:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/vagrant/generators/gen_nginx_conf.sh


--------------------------------------------------------------------------------
/vagrant/provision.sh:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ProfessionallyEvil/client-side-attacks-lab/HEAD/vagrant/provision.sh


--------------------------------------------------------------------------------