Mirrors/xss_payloads
2
0
Fork 0
mirror of https://github.com/nettitude/xss_payloads.git synced 2024-11-10 06:34:14 +00:00
Code Issues Projects Releases Packages Wiki Activity

Updated readme

Browse source
This commit is contained in:
strawp 2021-07-17 16:22:50 +01:00
parent 8502427f7d
commit 1801217236
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
README.md
View file

@ -20,6 +20,11 @@ Some of the files are plain JavaScript .js files, others are PHP scripts which s
* If you're running these over HTTPS for actual exploitation rather than a PoC, you'll need a proper trusted TLS cert (Let's Encrypt CA, for example) otherwise victim's browsers won't fetch the files at all. If it's for a PoC you can just temporarily trust your self signed cert. * If you're running these over HTTPS for actual exploitation rather than a PoC, you'll need a proper trusted TLS cert (Let's Encrypt CA, for example) otherwise victim's browsers won't fetch the files at all. If it's for a PoC you can just temporarily trust your self signed cert.
* Hit F12 and view the debug console for any information about why a particular script might not work * Hit F12 and view the debug console for any information about why a particular script might not work
## Generator
`generator.php` is a tool which can help to load one of the below payloads or to inject a custom payload using various injection, execution and encoding options.
## Payloads ## Payloads
### apache_httponly_bypass.js ### apache_httponly_bypass.js