Mirrors/PayloadsAllTheThings

mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-12-13 14:52:53 +00:00

Author	SHA1	Message	Date
Cory Cline	a8d8434756	Shortened payload Make payload shorter.	2022-10-13 19:48:20 -05:00
Cory Cline	fbed4254e5	Fixed an oops Somehow I deleted line 120 in a prior commit. Fixed.	2022-10-13 18:52:07 -05:00
Cory Cline	9ee8f092cd	Changed link for document.cookie blacklist Link was not working due to use of period in title.	2022-10-13 18:46:52 -05:00
Cory Cline	9a42be1113	Replaced console.log with alert It's more common to want alert screenshots vs console screenshots.	2022-10-13 18:45:55 -05:00
Cory Cline	f23f28c4e2	Shortened payload Shortened the document.cookie blacklist bypass payload.	2022-10-13 18:43:54 -05:00
Cory Cline	5d561ea7d6	Added document.cookie blacklist bypass Added an alternative to document.cookie for situations when this text is blacklisted.	2022-10-13 18:23:36 -05:00
clem9669	2aa353a5b9	Update XSS_Polyglots.txt Adding the latest BruteLogic polyglot	2022-10-05 09:45:15 +00:00
Deep Dhakate	a670a26eea	Update	2022-10-02 06:13:01 +00:00
clem9669	88134256c8	Adding brutelogic polyglot Adding brutelogic polyglot from blog post.	2022-09-13 11:58:10 +00:00
Swissky	d24e3f2d61	Merge pull request #497 from kz-cyber/xss/angular-xss-2 [update] Angular XSS payload	2022-09-07 00:34:29 +02:00
its0x08	31b213227e	fix: Fix more spelling	2022-08-09 11:05:40 +02:00
its0x08	fc1f3b25a7	fix: Fix spelling	2022-08-09 11:02:21 +02:00
khiemtq-cyber	507c493db2	Update Angular XSS	2022-05-07 12:55:15 +07:00
idealphase	6738f878f3	Updated README.md Added References: Bypassing Signature-Based XSS Filters: Modifying Script Code	2022-04-19 10:45:32 +07:00
idealphase	de532030df	Merge branch 'swisskyrepo:master' into master	2022-04-19 10:43:04 +07:00
Swissky	85a50869f2	Merge pull request #482 from khiemtq-cyber/xss/angular-xss-1 [update] Angular XSS payload	2022-04-18 21:01:44 +02:00
Ooggle	39d1c6e7d8	Add document blacklist bypass	2022-04-09 12:55:21 +02:00
ktq-cyber	5d898e004f	[update] Angular XSS payload	2022-02-23 22:26:16 +07:00
idealphase	e9eac5ca59	Update README.md	2021-11-10 22:40:40 +07:00
idealphase	6c7df7dc4e	Update README.md Add Bypass dot filter	2021-11-10 22:38:02 +07:00
Philippe Arteau	9d30f792d4	Remove filename with special characters. The filename are already covered in `XSS Injection/README.md`	2021-10-29 12:56:55 -04:00
Philippe Arteau	16986febde	Remove filename with special characters. The filename are already covered in `XSS Injection/README.md`	2021-10-29 12:56:41 -04:00
Philippe Arteau	7443da045a	Remove filename with special characters. The filename are already covered in `XSS Injection/README.md`	2021-10-29 12:56:25 -04:00
Markus	7996b4f905	Update XSS README.md Remove unnecessary complexity from CSP bypass payload	2021-10-01 16:10:23 +02:00
Lorenzo Grazian	7369ee28b3	Added XSS <object> payload	2021-09-02 15:14:29 +02:00
Swissky	1e85308ae2	Merge pull request #395 from daffainfo/patch-1 Adding Cloudflare XSS payload	2021-08-25 22:21:54 +02:00
Swissky	f89597725a	Merge pull request #416 from Bort-Millipede/master Expression Language Injection One-Liners; XSS Payload; Fixed Linux Py…	2021-08-25 22:17:53 +02:00
Alexandre ZANNI	4791962be5	document.domain, window.origin and console.log usage	2021-08-24 20:29:02 +02:00
Jeffrey Cap	9bde75b32d	Expression Language Injection One-Liners; XSS Payload; Fixed Linux Python IPv6 Reverse Shell Payload	2021-08-23 14:41:40 -05:00
Swissky	87be30d3b2	DB2 Injection + ADCS	2021-08-10 23:00:19 +02:00
Xib3rR4dAr	ae98d629f0	Update README.md Removed duplicates.	2021-08-04 09:29:24 +05:00
Swissky	1fd9260d1e	Update README.md	2021-07-31 11:28:23 +02:00
c14dd49h	ee12f8e480	Update README.md	2021-07-22 16:55:03 +02:00
c14dd49h	eddc716d8c	Update README.md	2021-07-22 14:47:36 +02:00
Muhammad Daffa	2b6c3cb360	Adding Cloudflare XSS payload	2021-07-15 12:48:02 +07:00
PinkDev1	21c1690adf	Fixed typo on "Tips" section	2021-06-16 19:24:17 +00:00
Swissky	62b897c936	Merge pull request #376 from noraj/patch-2 XSS: add quick tips for bXSS	2021-06-16 13:56:29 +02:00
Alexandre ZANNI	c469236204	XSS: add quick tips for bXSS	2021-06-16 13:25:46 +02:00
Alexandre ZANNI	8547ac7dfc	XSS: remove bluelotus the project is empty	2021-06-16 13:18:08 +02:00
Swissky	08b59f2856	AD update CME+DCOM	2021-04-21 22:27:07 +02:00
linoskoczek	825295e465	Update README.md Fix broken links in Summary	2021-03-18 19:16:59 +00:00
lapolis_aka_blu	6f758ba6c0	Added closing bracket in unicode full width bypass Yeah I know it is logic to use it if you really need the closing tag. But having both brackets in your repo makes it quicker to copy paste :D	2021-01-15 16:38:51 +00:00
Swissky	f7e8f515a5	Application Escape and Breakout	2020-12-17 08:56:58 +01:00
Max Boll	2a65064d15	little update	2020-10-27 14:10:35 +01:00
Max Boll	350c55a1ac	XSS Tools added	2020-10-27 13:31:37 +01:00
Vincent Gilles	0b90094002	Fix(Docs): Correcting typos on the repo	2020-10-17 22:52:35 +02:00
Max Rodrigo	2f40961990	Fix PHP XSS data collector line breaks	2020-09-05 10:36:58 +02:00
Viren Pawar	0266a7dd67	[Update] Added 1 payload Added one payload which executes without any usage of single or double quotes. Helpful when you have AngularJS injection but quotes are blocked by application. Working proof of payload here: https://portswigger-labs.net/xss/angularjs.php?type=reflected&csp=0&version=1.6.0&x={{x=valueOf.name.constructor.fromCharCode;constructor.constructor(x(97,108,101,114,116,40,49,41))()}}	2020-08-15 16:29:13 +05:30
Swissky	c7e3ea005e	Powershell Remoting	2020-08-09 12:15:56 +02:00
Swissky	dd40ddd233	XSS summary subentries + GraphTCP	2020-07-12 14:44:33 +02:00

1 2

82 commits