fuzzdb/attack/xss
2016-08-22 23:35:08 -04:00
..
all-encodings-of-lt.txt Fix #144 2016-05-25 17:56:24 -06:00
default-javascript-event-attributes.txt Fix #144 2016-05-25 17:56:24 -06:00
JHADDIX_XSS_WITH_CONTEXT.doc.txt JHADDIX_XSS_WITH_CONTEXT.txt from SecLists 2016-03-09 18:54:51 -05:00
README.md Update README.md 2016-03-08 21:08:24 -05:00
test.xxe Test file 2016-03-07 19:24:21 -05:00
xss-other.txt wikimedia exploit T137264 2016-08-22 23:35:08 -04:00
xss-rsnake.txt Fix #144 2016-05-25 17:56:24 -06:00
xss-uri.txt Fix #144 2016-05-25 17:56:24 -06:00
XSSPolyglot.txt Fix #144 2016-05-25 17:56:24 -06:00

test.xxe - requested by some payloads from fuzzdb github repo raw filepath
xss-rsnake.fuzz.txt - rsnake's classic fuzzfile, modified to load http://xss.rocks test files
xss-other.fuzz.txt - newer payloads from various sources: my own testing, interesting filter bypassed found in the wild, etc.
xss-uri.fuzz.txt - URI abuse test cases
XSSPolyglot.fuzz.txt - from https://github.com/0xsobky/HackVault/wiki/Unleashing-an-Ultimate-XSS-Polyglot - check the page for filter evasions and other interesting stuff

HTML5 Cheatsheet


WASC Script Mapping Project