fuzzdb

mirror of https://github.com/fuzzdb-project/fuzzdb.git synced 2024-09-20 06:01:57 +00:00

History

grac 3968bbc537 Update all-encodings-of-lt.txt missing double url encode		2019-08-20 14:53:40 +02:00
..
all-encodings-of-lt.txt	Update all-encodings-of-lt.txt	2019-08-20 14:53:40 +02:00
default-javascript-event-attributes.txt	Fix #144	2016-05-25 17:56:24 -06:00
html-event-attributes.txt	Add HTML event attributes	2016-06-16 18:05:52 +02:00
JHADDIX_XSS_WITH_CONTEXT.doc.txt	JHADDIX_XSS_WITH_CONTEXT.txt from SecLists	2016-03-09 18:54:51 -05:00
README.md	Update README.md	2016-03-08 21:08:24 -05:00
test.xxe	Test file	2016-03-07 19:24:21 -05:00
xss-other.txt	added 2 style context XSS attacks for LESS	2016-10-19 14:12:27 +03:00
xss-rsnake.txt	Fix #144	2016-05-25 17:56:24 -06:00
xss-uri.txt	Fix #144	2016-05-25 17:56:24 -06:00
XSSPolyglot.txt	Fix #144	2016-05-25 17:56:24 -06:00

README.md

test.xxe - requested by some payloads from fuzzdb github repo raw filepath
xss-rsnake.fuzz.txt - rsnake's classic fuzzfile, modified to load http://xss.rocks test files
xss-other.fuzz.txt - newer payloads from various sources: my own testing, interesting filter bypassed found in the wild, etc.
xss-uri.fuzz.txt - URI abuse test cases
XSSPolyglot.fuzz.txt - from https://github.com/0xsobky/HackVault/wiki/Unleashing-an-Ultimate-XSS-Polyglot - check the page for filter evasions and other interesting stuff

HTML5 Cheatsheet

WASC Script Mapping Project

http://projects.webappsec.org/w/page/13246958/Script%20Mapping