🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

XssPayload List . Usage:

xss漏洞模糊测试payload的最佳集合 2020版

From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras

PoC for XSS in org.webjars:swagger-ui [3.14.2, 3.36.2]

alert(1) to win payloads

Simple flask website to demonstrate reflected and stored XSS attacks.

A simple web application to learn about Cross-Site Scripting (XSS)

Proof-of-Concept exploit of CVE-2018-19131: Squid Proxy XSS via X.509 Certificate

Automation of KNOXSS extension.

PoC for XSS springfox-swagger-ui 2.9.1 to 3.0.0

An exploit and demonstration on how to exploit a Stored XSS vulnerability in https://anonstress.com.

An ongoing curated collection of awesome XSS software, libraries, frameworks, learning tutorials & practical resources cross-site scripting.

XSS Bypass techniquies

This is a repo of my solution of one XSS challenge website (http://sudo.co.il/xss/) . This challenges may have different types of solutions. My solutions are not the only one. So, keep searching & keep sharing.

VanillaForum 2.6.3 allows stored XSS.

An exploit and demonstration on how to exploit a Stored XSS vulnerability in https://anonstress.com.

Nginx + Modsecurity + Má configuração = Nego invadindo

XSS PoC