mirror of
https://github.com/nettitude/xss_payloads.git
synced 2024-11-12 23:47:06 +00:00
28 lines
563 B
PHP
28 lines
563 B
PHP
<?php
|
|
/**
|
|
XSS Payload generator and dropper
|
|
*/
|
|
|
|
/**
|
|
Payload types
|
|
- Request URL (img)
|
|
- Request URL (XHR)
|
|
- Load script ($.getScript())
|
|
- Load script (document.createElement())
|
|
- Dropper (multiple scripts / automatic payload)
|
|
|
|
Injection
|
|
- Basic polyglot / inline script
|
|
- 0xsobky - Ultimate XSS Polyglot
|
|
- String variable escape
|
|
- img element onerror
|
|
- SVG element
|
|
- Element onclick
|
|
|
|
Obfuscation
|
|
- base64 (btoa())
|
|
- reverse
|
|
- String.fromCharCode()
|
|
|
|
*/
|
|
?>
|