This is a security testing toolkit for finding HTML injection vulnerabilities where user input gets reflected into pages without proper sanitization. It walks through identifying injection points in search bars, forms, and URL parameters, then shows you how to exploit them with phishing overlays, fake login forms, and page defacement. The workflow is systematic: map vulnerable surfaces, test with basic HTML tags, escalate to stored and reflected injections, then construct realistic phishing attacks. It's geared toward offensive security work during authorized penetration tests. The payloads are ready to use but require solid understanding of the ethical and legal boundaries, this is not a beginner's reconnaissance tool.
npx skills add https://github.com/sickn33/antigravity-awesome-skills --skill html-injection-testing