Skip to content

Instantly share code, notes, and snippets.

@DannyDainton

DannyDainton/naughtyStrings.json

Last active February 20, 2024 20:21
Show Gist options
  • Save DannyDainton/b820904694a91e20de1ad900cdeb3a94 to your computer and use it in GitHub Desktop.
Save DannyDainton/b820904694a91e20de1ad900cdeb3a94 to your computer and use it in GitHub Desktop.
Download ZIP
The Big List of Naughty Strings (https://github.com/minimaxir/big-list-of-naughty-strings) in a JSON data file that can be used with Postman's Collection Runner. You would only need to add the `{{naughtyValue}}` variable to the request and the Collection Runner will do the rest.
Raw
naughtyStrings.json
[
{
"naughtyValue": ""
},
{
"naughtyValue": "undefined"
},
{
"naughtyValue": "undef"
},
{
"naughtyValue": "null"
},
{
"naughtyValue": "NULL"
},
{
"naughtyValue": "(null)"
},
{
"naughtyValue": "nil"
},
{
"naughtyValue": "NIL"
},
{
"naughtyValue": "true"
},
{
"naughtyValue": "false"
},
{
"naughtyValue": "True"
},
{
"naughtyValue": "False"
},
{
"naughtyValue": "TRUE"
},
{
"naughtyValue": "FALSE"
},
{
"naughtyValue": "None"
},
{
"naughtyValue": "hasOwnProperty"
},
{
"naughtyValue": "\\"
},
{
"naughtyValue": "\\\\"
},
{
"naughtyValue": "0"
},
{
"naughtyValue": "1"
},
{
"naughtyValue": "1.00"
},
{
"naughtyValue": "$1.00"
},
{
"naughtyValue": "1/2"
},
{
"naughtyValue": "1E2"
},
{
"naughtyValue": "1E02"
},
{
"naughtyValue": "1E+02"
},
{
"naughtyValue": "-1"
},
{
"naughtyValue": "-1.00"
},
{
"naughtyValue": "-$1.00"
},
{
"naughtyValue": "-1/2"
},
{
"naughtyValue": "-1E2"
},
{
"naughtyValue": "-1E02"
},
{
"naughtyValue": "-1E+02"
},
{
"naughtyValue": "1/0"
},
{
"naughtyValue": "0/0"
},
{
"naughtyValue": "-2147483648/-1"
},
{
"naughtyValue": "-9223372036854775808/-1"
},
{
"naughtyValue": "-0"
},
{
"naughtyValue": "-0.0"
},
{
"naughtyValue": "+0"
},
{
"naughtyValue": "+0.0"
},
{
"naughtyValue": "0.00"
},
{
"naughtyValue": "0..0"
},
{
"naughtyValue": "."
},
{
"naughtyValue": "0.0.0"
},
{
"naughtyValue": "0,00"
},
{
"naughtyValue": "0,,0"
},
{
"naughtyValue": ","
},
{
"naughtyValue": "0,0,0"
},
{
"naughtyValue": "0.0/0"
},
{
"naughtyValue": "1.0/0.0"
},
{
"naughtyValue": "0.0/0.0"
},
{
"naughtyValue": "1,0/0,0"
},
{
"naughtyValue": "0,0/0,0"
},
{
"naughtyValue": "--1"
},
{
"naughtyValue": "-"
},
{
"naughtyValue": "-."
},
{
"naughtyValue": "-,"
},
{
"naughtyValue": "999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999"
},
{
"naughtyValue": "NaN"
},
{
"naughtyValue": "Infinity"
},
{
"naughtyValue": "-Infinity"
},
{
"naughtyValue": "INF"
},
{
"naughtyValue": "1#INF"
},
{
"naughtyValue": "-1#IND"
},
{
"naughtyValue": "1#QNAN"
},
{
"naughtyValue": "1#SNAN"
},
{
"naughtyValue": "1#IND"
},
{
"naughtyValue": "0x0"
},
{
"naughtyValue": "0xffffffff"
},
{
"naughtyValue": "0xffffffffffffffff"
},
{
"naughtyValue": "0xabad1dea"
},
{
"naughtyValue": "123456789012345678901234567890123456789"
},
{
"naughtyValue": "1,000.00"
},
{
"naughtyValue": "1 000.00"
},
{
"naughtyValue": "1'000.00"
},
{
"naughtyValue": "1,000,000.00"
},
{
"naughtyValue": "1 000 000.00"
},
{
"naughtyValue": "1'000'000.00"
},
{
"naughtyValue": "1.000,00"
},
{
"naughtyValue": "1 000,00"
},
{
"naughtyValue": "1'000,00"
},
{
"naughtyValue": "1.000.000,00"
},
{
"naughtyValue": "1 000 000,00"
},
{
"naughtyValue": "1'000'000,00"
},
{
"naughtyValue": "01000"
},
{
"naughtyValue": "08"
},
{
"naughtyValue": "09"
},
{
"naughtyValue": "2.2250738585072011e-308"
},
{
"naughtyValue": ",./;'[]\\-="
},
{
"naughtyValue": "<>?:\"{}|_+"
},
{
"naughtyValue": "!@#$%^&*()`~"
},
{
"naughtyValue": "\u0001\u0002\u0003\u0004\u0005\u0006\u0007\b\u000e\u000f\u0010\u0011\u0012\u0013\u0014\u0015\u0016\u0017\u0018\u0019\u001a\u001b\u001c\u001d\u001e\u001f"
},
{
"naughtyValue": "€‚ƒ„†‡ˆ‰Š‹ŒŽ‘’“”•–—˜™š›œžŸ"
},
{
"naughtyValue": "\t\u000b\f …             ​

   "
},
{
"naughtyValue": "­؀؁؂؃؄؅؜۝܏᠎​‌‍‎‏‪‫‬‭‮⁠⁡⁢⁣⁤⁦⁧⁨⁩𑂽𛲠𛲡𛲢𛲣𝅳𝅴𝅵𝅶𝅷𝅸𝅹𝅺󠀁󠀠󠀡󠀢󠀣󠀤󠀥󠀦󠀧󠀨󠀩󠀪󠀫󠀬󠀭󠀮󠀯󠀰󠀱󠀲󠀳󠀴󠀵󠀶󠀷󠀸󠀹󠀺󠀻󠀼󠀽󠀾󠀿󠁀󠁁󠁂󠁃󠁄󠁅󠁆󠁇󠁈󠁉󠁊󠁋󠁌󠁍󠁎󠁏󠁐󠁑󠁒󠁓󠁔󠁕󠁖󠁗󠁘󠁙󠁚󠁛󠁜󠁝󠁞󠁟󠁠󠁡󠁢󠁣󠁤󠁥󠁦󠁧󠁨󠁩󠁪󠁫󠁬󠁭󠁮󠁯󠁰󠁱󠁲󠁳󠁴󠁵󠁶󠁷󠁸󠁹󠁺󠁻󠁼󠁽󠁾󠁿"
},
{
"naughtyValue": ""
},
{
"naughtyValue": "￾"
},
{
"naughtyValue": "Ω≈ç√∫˜µ≤≥÷"
},
{
"naughtyValue": "åß∂ƒ©˙∆˚¬…æ"
},
{
"naughtyValue": "œ∑´®†¥¨ˆøπ“‘"
},
{
"naughtyValue": "¡™£¢∞§¶•ªº–≠"
},
{
"naughtyValue": "¸˛Ç◊ı˜Â¯˘¿"
},
{
"naughtyValue": "ÅÍÎÏ˝ÓÔÒÚÆ☃"
},
{
"naughtyValue": "Œ„´‰ˇÁ¨ˆØ∏”’"
},
{
"naughtyValue": "`⁄€‹›fifl‡°·‚—±"
},
{
"naughtyValue": "⅛⅜⅝⅞"
},
{
"naughtyValue": "ЁЂЃЄЅІЇЈЉЊЋЌЍЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫЬЭЮЯабвгдежзийклмнопрстуфхцчшщъыьэюя"
},
{
"naughtyValue": "٠١٢٣٤٥٦٧٨٩"
},
{
"naughtyValue": "⁰⁴⁵"
},
{
"naughtyValue": "₀₁₂"
},
{
"naughtyValue": "⁰⁴⁵₀₁₂"
},
{
"naughtyValue": "ด้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็ ด้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็ ด้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็็้้้้้้้้็็็็็้้้้้็็็็"
},
{
"naughtyValue": "'"
},
{
"naughtyValue": "\""
},
{
"naughtyValue": "''"
},
{
"naughtyValue": "\"\""
},
{
"naughtyValue": "'\"'"
},
{
"naughtyValue": "\"''''\"'\""
},
{
"naughtyValue": "\"'\"'\"''''\""
},
{
"naughtyValue": "<foo val=“bar” />"
},
{
"naughtyValue": "<foo val=“bar” />"
},
{
"naughtyValue": "<foo val=”bar“ />"
},
{
"naughtyValue": "<foo val=`bar' />"
},
{
"naughtyValue": "田中さんにあげて下さい"
},
{
"naughtyValue": "パーティーへ行かないか"
},
{
"naughtyValue": "和製漢語"
},
{
"naughtyValue": "部落格"
},
{
"naughtyValue": "사회과학원 어학연구소"
},
{
"naughtyValue": "찦차를 타고 온 펲시맨과 쑛다리 똠방각하"
},
{
"naughtyValue": "社會科學院語學研究所"
},
{
"naughtyValue": "울란바토르"
},
{
"naughtyValue": "𠜎𠜱𠝹𠱓𠱸𠲖𠳏"
},
{
"naughtyValue": "表ポあA鷗ŒéB逍Üߪąñ丂㐀𠀀"
},
{
"naughtyValue": "Ⱥ"
},
{
"naughtyValue": "Ⱦ"
},
{
"naughtyValue": "ヽ༼ຈل͜ຈ༽ノ ヽ༼ຈل͜ຈ༽ノ"
},
{
"naughtyValue": "(。◕ ∀ ◕。)"
},
{
"naughtyValue": "`ィ(´∀`∩"
},
{
"naughtyValue": "__ロ(,_,*)"
},
{
"naughtyValue": "・( ̄∀ ̄)・:*:"
},
{
"naughtyValue": "゚・✿ヾ╲(。◕‿◕。)╱✿・゚"
},
{
"naughtyValue": ",。・:*:・゜’( ☻ ω ☻ )。・:*:・゜’"
},
{
"naughtyValue": "(╯°□°)╯︵ ┻━┻)"
},
{
"naughtyValue": "(ノಥ益ಥ)ノ ┻━┻"
},
{
"naughtyValue": "┬─┬ノ( º _ ºノ)"
},
{
"naughtyValue": "( ͡° ͜ʖ ͡°)"
},
{
"naughtyValue": "😍"
},
{
"naughtyValue": "👩🏽"
},
{
"naughtyValue": "👾 🙇 💁 🙅 🙆 🙋 🙎 🙍"
},
{
"naughtyValue": "🐵 🙈 🙉 🙊"
},
{
"naughtyValue": "❤️ 💔 💌 💕 💞 💓 💗 💖 💘 💝 💟 💜 💛 💚 💙"
},
{
"naughtyValue": "✋🏿 💪🏿 👐🏿 🙌🏿 👏🏿 🙏🏿"
},
{
"naughtyValue": "🚾 🆒 🆓 🆕 🆖 🆗 🆙 🏧"
},
{
"naughtyValue": "0️⃣ 1️⃣ 2️⃣ 3️⃣ 4️⃣ 5️⃣ 6️⃣ 7️⃣ 8️⃣ 9️⃣ 🔟"
},
{
"naughtyValue": "🇺🇸🇷🇺🇸 🇦🇫🇦🇲🇸"
},
{
"naughtyValue": "🇺🇸🇷🇺🇸🇦🇫🇦🇲"
},
{
"naughtyValue": "🇺🇸🇷🇺🇸🇦"
},
{
"naughtyValue": "123"
},
{
"naughtyValue": "١٢٣"
},
{
"naughtyValue": "ثم نفس سقطت وبالتحديد،, جزيرتي باستخدام أن دنو. إذ هنا؟ الستار وتنصيب كان. أهّل ايطاليا، بريطانيا-فرنسا قد أخذ. سليمان، إتفاقية بين ما, يذكر الحدود أي بعد, معاملة بولندا، الإطلاق عل إيو."
},
{
"naughtyValue": "בְּרֵאשִׁית, בָּרָא אֱלֹהִים, אֵת הַשָּׁמַיִם, וְאֵת הָאָרֶץ"
},
{
"naughtyValue": "הָיְתָהtestالصفحات التّحول"
},
{
"naughtyValue": "﷽"
},
{
"naughtyValue": "ﷺ"
},
{
"naughtyValue": "مُنَاقَشَةُ سُبُلِ اِسْتِخْدَامِ اللُّغَةِ فِي النُّظُمِ الْقَائِمَةِ وَفِيم يَخُصَّ التَّطْبِيقَاتُ الْحاسُوبِيَّةُ، "
},
{
"naughtyValue": "‪‪test‪"
},
{
"naughtyValue": "‫test‫"
},
{
"naughtyValue": "
test
"
},
{
"naughtyValue": "test⁠test‫"
},
{
"naughtyValue": "⁦test⁧"
},
{
"naughtyValue": "Ṱ̺̺̕o͞ ̷i̲̬͇̪͙n̝̗͕v̟̜̘̦͟o̶̙̰̠kè͚̮̺̪̹̱̤ ̖t̝͕̳̣̻̪͞h̼͓̲̦̳̘̲e͇̣̰̦̬͎ ̢̼̻̱̘h͚͎͙̜̣̲ͅi̦̲̣̰̤v̻͍e̺̭̳̪̰-m̢iͅn̖̺̞̲̯̰d̵̼̟͙̩̼̘̳ ̞̥̱̳̭r̛̗̘e͙p͠r̼̞̻̭̗e̺̠̣͟s̘͇̳͍̝͉e͉̥̯̞̲͚̬͜ǹ̬͎͎̟̖͇̤t͍̬̤͓̼̭͘ͅi̪̱n͠g̴͉ ͏͉ͅc̬̟h͡a̫̻̯͘o̫̟̖͍̙̝͉s̗̦̲.̨̹͈̣"
},
{
"naughtyValue": "̡͓̞ͅI̗̘̦͝n͇͇͙v̮̫ok̲̫̙͈i̖͙̭̹̠̞n̡̻̮̣̺g̲͈͙̭͙̬͎ ̰t͔̦h̞̲e̢̤ ͍̬̲͖f̴̘͕̣è͖ẹ̥̩l͖͔͚i͓͚̦͠n͖͍̗͓̳̮g͍ ̨o͚̪͡f̘̣̬ ̖̘͖̟͙̮c҉͔̫͖͓͇͖ͅh̵̤̣͚͔á̗̼͕ͅo̼̣̥s̱͈̺̖̦̻͢.̛̖̞̠̫̰"
},
{
"naughtyValue": "̗̺͖̹̯͓Ṯ̤͍̥͇͈h̲́e͏͓̼̗̙̼̣͔ ͇̜̱̠͓͍ͅN͕͠e̗̱z̘̝̜̺͙p̤̺̹͍̯͚e̠̻̠͜r̨̤͍̺̖͔̖̖d̠̟̭̬̝͟i̦͖̩͓͔̤a̠̗̬͉̙n͚͜ ̻̞̰͚ͅh̵͉i̳̞v̢͇ḙ͎͟-҉̭̩̼͔m̤̭̫i͕͇̝̦n̗͙ḍ̟ ̯̲͕͞ǫ̟̯̰̲͙̻̝f ̪̰̰̗̖̭̘͘c̦͍̲̞͍̩̙ḥ͚a̮͎̟̙͜ơ̩̹͎s̤.̝̝ ҉Z̡̖̜͖̰̣͉̜a͖̰͙̬͡l̲̫̳͍̩g̡̟̼̱͚̞̬ͅo̗͜.̟"
},
{
"naughtyValue": "̦H̬̤̗̤͝e͜ ̜̥̝̻͍̟́w̕h̖̯͓o̝͙̖͎̱̮ ҉̺̙̞̟͈W̷̼̭a̺̪͍į͈͕̭͙̯̜t̶̼̮s̘͙͖̕ ̠̫̠B̻͍͙͉̳ͅe̵h̵̬͇̫͙i̹͓̳̳̮͎̫̕n͟d̴̪̜̖ ̰͉̩͇͙̲͞ͅT͖̼͓̪͢h͏͓̮̻e̬̝̟ͅ ̤̹̝W͙̞̝͔͇͝ͅa͏͓͔̹̼̣l̴͔̰̤̟͔ḽ̫.͕"
},
{
"naughtyValue": "Z̮̞̠͙͔ͅḀ̗̞͈̻̗Ḷ͙͎̯̹̞͓G̻O̭̗̮"
},
{
"naughtyValue": "˙ɐnbᴉlɐ ɐuƃɐɯ ǝɹolop ʇǝ ǝɹoqɐl ʇn ʇunpᴉpᴉɔuᴉ ɹodɯǝʇ poɯsnᴉǝ op pǝs 'ʇᴉlǝ ƃuᴉɔsᴉdᴉpɐ ɹnʇǝʇɔǝsuoɔ 'ʇǝɯɐ ʇᴉs ɹolop ɯnsdᴉ ɯǝɹo˥"
},
{
"naughtyValue": "00˙Ɩ$-"
},
{
"naughtyValue": "The quick brown fox jumps over the lazy dog"
},
{
"naughtyValue": "𝐓𝐡𝐞 𝐪𝐮𝐢𝐜𝐤 𝐛𝐫𝐨𝐰𝐧 𝐟𝐨𝐱 𝐣𝐮𝐦𝐩𝐬 𝐨𝐯𝐞𝐫 𝐭𝐡𝐞 𝐥𝐚𝐳𝐲 𝐝𝐨𝐠"
},
{
"naughtyValue": "𝕿𝖍𝖊 𝖖𝖚𝖎𝖈𝖐 𝖇𝖗𝖔𝖜𝖓 𝖋𝖔𝖝 𝖏𝖚𝖒𝖕𝖘 𝖔𝖛𝖊𝖗 𝖙𝖍𝖊 𝖑𝖆𝖟𝖞 𝖉𝖔𝖌"
},
{
"naughtyValue": "𝑻𝒉𝒆 𝒒𝒖𝒊𝒄𝒌 𝒃𝒓𝒐𝒘𝒏 𝒇𝒐𝒙 𝒋𝒖𝒎𝒑𝒔 𝒐𝒗𝒆𝒓 𝒕𝒉𝒆 𝒍𝒂𝒛𝒚 𝒅𝒐𝒈"
},
{
"naughtyValue": "𝓣𝓱𝓮 𝓺𝓾𝓲𝓬𝓴 𝓫𝓻𝓸𝔀𝓷 𝓯𝓸𝔁 𝓳𝓾𝓶𝓹𝓼 𝓸𝓿𝓮𝓻 𝓽𝓱𝓮 𝓵𝓪𝔃𝔂 𝓭𝓸𝓰"
},
{
"naughtyValue": "𝕋𝕙𝕖 𝕢𝕦𝕚𝕔𝕜 𝕓𝕣𝕠𝕨𝕟 𝕗𝕠𝕩 𝕛𝕦𝕞𝕡𝕤 𝕠𝕧𝕖𝕣 𝕥𝕙𝕖 𝕝𝕒𝕫𝕪 𝕕𝕠𝕘"
},
{
"naughtyValue": "𝚃𝚑𝚎 𝚚𝚞𝚒𝚌𝚔 𝚋𝚛𝚘𝚠𝚗 𝚏𝚘𝚡 𝚓𝚞𝚖𝚙𝚜 𝚘𝚟𝚎𝚛 𝚝𝚑𝚎 𝚕𝚊𝚣𝚢 𝚍𝚘𝚐"
},
{
"naughtyValue": "⒯⒣⒠ ⒬⒰⒤⒞⒦ ⒝⒭⒪⒲⒩ ⒡⒪⒳ ⒥⒰⒨⒫⒮ ⒪⒱⒠⒭ ⒯⒣⒠ ⒧⒜⒵⒴ ⒟⒪⒢"
},
{
"naughtyValue": "<script>alert(123)</script>"
},
{
"naughtyValue": "&lt;script&gt;alert(&#39;123&#39;);&lt;/script&gt;"
},
{
"naughtyValue": "<img src=x onerror=alert(123) />"
},
{
"naughtyValue": "<svg><script>123<1>alert(123)</script>"
},
{
"naughtyValue": "\"><script>alert(123)</script>"
},
{
"naughtyValue": "'><script>alert(123)</script>"
},
{
"naughtyValue": "><script>alert(123)</script>"
},
{
"naughtyValue": "</script><script>alert(123)</script>"
},
{
"naughtyValue": "< / script >< script >alert(123)< / script >"
},
{
"naughtyValue": " onfocus=JaVaSCript:alert(123) autofocus"
},
{
"naughtyValue": "\" onfocus=JaVaSCript:alert(123) autofocus"
},
{
"naughtyValue": "' onfocus=JaVaSCript:alert(123) autofocus"
},
{
"naughtyValue": "<script>alert(123)</script>"
},
{
"naughtyValue": "<sc<script>ript>alert(123)</sc</script>ript>"
},
{
"naughtyValue": "--><script>alert(123)</script>"
},
{
"naughtyValue": "\";alert(123);t=\""
},
{
"naughtyValue": "';alert(123);t='"
},
{
"naughtyValue": "JavaSCript:alert(123)"
},
{
"naughtyValue": ";alert(123);"
},
{
"naughtyValue": "src=JaVaSCript:prompt(132)"
},
{
"naughtyValue": "\"><script>alert(123);</script x=\""
},
{
"naughtyValue": "'><script>alert(123);</script x='"
},
{
"naughtyValue": "><script>alert(123);</script x="
},
{
"naughtyValue": "\" autofocus onkeyup=\"javascript:alert(123)"
},
{
"naughtyValue": "' autofocus onkeyup='javascript:alert(123)"
},
{
"naughtyValue": "<script\\x20type=\"text/javascript\">javascript:alert(1);</script>"
},
{
"naughtyValue": "<script\\x3Etype=\"text/javascript\">javascript:alert(1);</script>"
},
{
"naughtyValue": "<script\\x0Dtype=\"text/javascript\">javascript:alert(1);</script>"
},
{
"naughtyValue": "<script\\x09type=\"text/javascript\">javascript:alert(1);</script>"
},
{
"naughtyValue": "<script\\x0Ctype=\"text/javascript\">javascript:alert(1);</script>"
},
{
"naughtyValue": "<script\\x2Ftype=\"text/javascript\">javascript:alert(1);</script>"
},
{
"naughtyValue": "<script\\x0Atype=\"text/javascript\">javascript:alert(1);</script>"
},
{
"naughtyValue": "'`\"><\\x3Cscript>javascript:alert(1)</script>"
},
{
"naughtyValue": "'`\"><\\x00script>javascript:alert(1)</script>"
},
{
"naughtyValue": "ABC<div style=\"x\\x3Aexpression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:expression\\x5C(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:expression\\x00(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:exp\\x00ression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:exp\\x5Cression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\x0Aexpression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\x09expression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\xE3\\x80\\x80expression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\xE2\\x80\\x84expression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\xC2\\xA0expression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\xE2\\x80\\x80expression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\xE2\\x80\\x8Aexpression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\x0Dexpression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\x0Cexpression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\xE2\\x80\\x87expression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\xEF\\xBB\\xBFexpression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\x20expression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\xE2\\x80\\x88expression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\x00expression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\xE2\\x80\\x8Bexpression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\xE2\\x80\\x86expression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\xE2\\x80\\x85expression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\xE2\\x80\\x82expression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\x0Bexpression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\xE2\\x80\\x81expression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\xE2\\x80\\x83expression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "ABC<div style=\"x:\\xE2\\x80\\x89expression(javascript:alert(1)\">DEF"
},
{
"naughtyValue": "<a href=\"\\x0Bjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x0Fjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\xC2\\xA0javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x05javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\xE1\\xA0\\x8Ejavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x18javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x11javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\xE2\\x80\\x88javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\xE2\\x80\\x89javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\xE2\\x80\\x80javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x17javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x03javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x0Ejavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x1Ajavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x00javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x10javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\xE2\\x80\\x82javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x20javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x13javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x09javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\xE2\\x80\\x8Ajavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x14javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x19javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\xE2\\x80\\xAFjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x1Fjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\xE2\\x80\\x81javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x1Djavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\xE2\\x80\\x87javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x07javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\xE1\\x9A\\x80javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\xE2\\x80\\x83javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x04javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x01javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x08javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\xE2\\x80\\x84javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\xE2\\x80\\x86javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\xE3\\x80\\x80javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x12javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x0Djavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x0Ajavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x0Cjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x15javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\xE2\\x80\\xA8javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x16javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x02javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x1Bjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x06javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\xE2\\x80\\xA9javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\xE2\\x80\\x85javascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x1Ejavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\xE2\\x81\\x9Fjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"\\x1Cjavascript:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"javascript\\x00:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"javascript\\x3A:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"javascript\\x09:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"javascript\\x0D:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "<a href=\"javascript\\x0A:javascript:alert(1)\" id=\"fuzzelement1\">test</a>"
},
{
"naughtyValue": "`\"'><img src=xxx:x \\x0Aonerror=javascript:alert(1)>"
},
{
"naughtyValue": "`\"'><img src=xxx:x \\x22onerror=javascript:alert(1)>"
},
{
"naughtyValue": "`\"'><img src=xxx:x \\x0Bonerror=javascript:alert(1)>"
},
{
"naughtyValue": "`\"'><img src=xxx:x \\x0Donerror=javascript:alert(1)>"
},
{
"naughtyValue": "`\"'><img src=xxx:x \\x2Fonerror=javascript:alert(1)>"
},
{
"naughtyValue": "`\"'><img src=xxx:x \\x09onerror=javascript:alert(1)>"
},
{
"naughtyValue": "`\"'><img src=xxx:x \\x0Conerror=javascript:alert(1)>"
},
{
"naughtyValue": "`\"'><img src=xxx:x \\x00onerror=javascript:alert(1)>"
},
{
"naughtyValue": "`\"'><img src=xxx:x \\x27onerror=javascript:alert(1)>"
},
{
"naughtyValue": "`\"'><img src=xxx:x \\x20onerror=javascript:alert(1)>"
},
{
"naughtyValue": "\"`'><script>\\x3Bjavascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\x0Djavascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xEF\\xBB\\xBFjavascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xE2\\x80\\x81javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xE2\\x80\\x84javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xE3\\x80\\x80javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\x09javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xE2\\x80\\x89javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xE2\\x80\\x85javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xE2\\x80\\x88javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\x00javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xE2\\x80\\xA8javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xE2\\x80\\x8Ajavascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xE1\\x9A\\x80javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\x0Cjavascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\x2Bjavascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xF0\\x90\\x96\\x9Ajavascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>-javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\x0Ajavascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xE2\\x80\\xAFjavascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\x7Ejavascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xE2\\x80\\x87javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xE2\\x81\\x9Fjavascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xE2\\x80\\xA9javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xC2\\x85javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xEF\\xBF\\xAEjavascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xE2\\x80\\x83javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xE2\\x80\\x8Bjavascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xEF\\xBF\\xBEjavascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xE2\\x80\\x80javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\x21javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xE2\\x80\\x82javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xE2\\x80\\x86javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xE1\\xA0\\x8Ejavascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\x0Bjavascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\x20javascript:alert(1)</script>"
},
{
"naughtyValue": "\"`'><script>\\xC2\\xA0javascript:alert(1)</script>"
},
{
"naughtyValue": "<img \\x00src=x onerror=\"alert(1)\">"
},
{
"naughtyValue": "<img \\x47src=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img \\x11src=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img \\x12src=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img\\x47src=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img\\x10src=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img\\x13src=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img\\x32src=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img\\x47src=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img\\x11src=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img \\x47src=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img \\x34src=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img \\x39src=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img \\x00src=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img src\\x09=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img src\\x10=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img src\\x13=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img src\\x32=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img src\\x12=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img src\\x11=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img src\\x00=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img src\\x47=x onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img src=x\\x09onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img src=x\\x10onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img src=x\\x11onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img src=x\\x12onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img src=x\\x13onerror=\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img[a][b][c]src[d]=x[e]onerror=[f]\"alert(1)\">"
},
{
"naughtyValue": "<img src=x onerror=\\x09\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img src=x onerror=\\x10\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img src=x onerror=\\x11\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img src=x onerror=\\x12\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img src=x onerror=\\x32\"javascript:alert(1)\">"
},
{
"naughtyValue": "<img src=x onerror=\\x00\"javascript:alert(1)\">"
},
{
"naughtyValue": "<a href=java&#1&#2&#3&#4&#5&#6&#7&#8&#11&#12script:javascript:alert(1)>XXX</a>"
},
{
"naughtyValue": "<img src=\"x` `<script>javascript:alert(1)</script>\"` `>"
},
{
"naughtyValue": "<img src onerror /\" '\"= alt=javascript:alert(1)//\">"
},
{
"naughtyValue": "<title onpropertychange=javascript:alert(1)></title><title title=>"
},
{
"naughtyValue": "<a href=http://foo.bar/#x=`y></a><img alt=\"`><img src=x:x onerror=javascript:alert(1)></a>\">"
},
{
"naughtyValue": "<!--[if]><script>javascript:alert(1)</script -->"
},
{
"naughtyValue": "<!--[if<img src=x onerror=javascript:alert(1)//]> -->"
},
{
"naughtyValue": "<script src=\"/\\%(jscript)s\"></script>"
},
{
"naughtyValue": "<script src=\"\\\\%(jscript)s\"></script>"
},
{
"naughtyValue": "<IMG \"\"\"><SCRIPT>alert(\"XSS\")</SCRIPT>\">"
},
{
"naughtyValue": "<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>"
},
{
"naughtyValue": "<IMG SRC=# onmouseover=\"alert('xxs')\">"
},
{
"naughtyValue": "<IMG SRC= onmouseover=\"alert('xxs')\">"
},
{
"naughtyValue": "<IMG onmouseover=\"alert('xxs')\">"
},
{
"naughtyValue": "<IMG SRC=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;&#39;&#88;&#83;&#83;&#39;&#41;>"
},
{
"naughtyValue": "<IMG SRC=&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000114&#0000105&#0000112&#0000116&#0000058&#0000097&#0000108&#0000101&#0000114&#0000116&#0000040&#0000039&#0000088&#0000083&#0000083&#0000039&#0000041>"
},
{
"naughtyValue": "<IMG SRC=&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29>"
},
{
"naughtyValue": "<IMG SRC=\"jav ascript:alert('XSS');\">"
},
{
"naughtyValue": "<IMG SRC=\"jav&#x09;ascript:alert('XSS');\">"
},
{
"naughtyValue": "<IMG SRC=\"jav&#x0A;ascript:alert('XSS');\">"
},
{
"naughtyValue": "<IMG SRC=\"jav&#x0D;ascript:alert('XSS');\">"
},
{
"naughtyValue": "perl -e 'print \"<IMG SRC=java\\0script:alert(\\\"XSS\\\")>\";' > out"
},
{
"naughtyValue": "<IMG SRC=\" &#14; javascript:alert('XSS');\">"
},
{
"naughtyValue": "<SCRIPT/XSS SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>"
},
{
"naughtyValue": "<BODY onload!#$%&()*~+-_.,:;?@[/|\\]^`=alert(\"XSS\")>"
},
{
"naughtyValue": "<SCRIPT/SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>"
},
{
"naughtyValue": "<<SCRIPT>alert(\"XSS\");//<</SCRIPT>"
},
{
"naughtyValue": "<SCRIPT SRC=http://ha.ckers.org/xss.js?< B >"
},
{
"naughtyValue": "<SCRIPT SRC=//ha.ckers.org/.j>"
},
{
"naughtyValue": "<IMG SRC=\"javascript:alert('XSS')\""
},
{
"naughtyValue": "<iframe src=http://ha.ckers.org/scriptlet.html <"
},
{
"naughtyValue": "\\\";alert('XSS');//"
},
{
"naughtyValue": "<u oncopy=alert()> Copy me</u>"
},
{
"naughtyValue": "<i onwheel=alert(1)> Scroll over me </i>"
},
{
"naughtyValue": "<plaintext>"
},
{
"naughtyValue": "http://a/%%30%30"
},
{
"naughtyValue": "</textarea><script>alert(123)</script>"
},
{
"naughtyValue": "1;DROP TABLE users"
},
{
"naughtyValue": "1'; DROP TABLE users-- 1"
},
{
"naughtyValue": "' OR 1=1 -- 1"
},
{
"naughtyValue": "' OR '1'='1"
},
{
"naughtyValue": " "
},
{
"naughtyValue": "%"
},
{
"naughtyValue": "_"
},
{
"naughtyValue": "-"
},
{
"naughtyValue": "--"
},
{
"naughtyValue": "--version"
},
{
"naughtyValue": "--help"
},
{
"naughtyValue": "$USER"
},
{
"naughtyValue": "/dev/null; touch /tmp/blns.fail ; echo"
},
{
"naughtyValue": "`touch /tmp/blns.fail`"
},
{
"naughtyValue": "$(touch /tmp/blns.fail)"
},
{
"naughtyValue": "@{[system \"touch /tmp/blns.fail\"]}"
},
{
"naughtyValue": "eval(\"puts 'hello world'\")"
},
{
"naughtyValue": "System(\"ls -al /\")"
},
{
"naughtyValue": "`ls -al /`"
},
{
"naughtyValue": "Kernel.exec(\"ls -al /\")"
},
{
"naughtyValue": "Kernel.exit(1)"
},
{
"naughtyValue": "%x('ls -al /')"
},
{
"naughtyValue": "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [ <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///etc/passwd\" >]><foo>&xxe;</foo>"
},
{
"naughtyValue": "$HOME"
},
{
"naughtyValue": "$ENV{'HOME'}"
},
{
"naughtyValue": "%d"
},
{
"naughtyValue": "%s%s%s%s%s"
},
{
"naughtyValue": "{0}"
},
{
"naughtyValue": "%*.*s"
},
{
"naughtyValue": "%@"
},
{
"naughtyValue": "%n"
},
{
"naughtyValue": "File:///"
},
{
"naughtyValue": "../../../../../../../../../../../etc/passwd%00"
},
{
"naughtyValue": "../../../../../../../../../../../etc/hosts"
},
{
"naughtyValue": "() { 0; }; touch /tmp/blns.shellshock1.fail;"
},
{
"naughtyValue": "() { _; } >_[$($())] { touch /tmp/blns.shellshock2.fail; }"
},
{
"naughtyValue": "<<< %s(un='%s') = %u"
},
{
"naughtyValue": "+++ATH0"
},
{
"naughtyValue": "CON"
},
{
"naughtyValue": "PRN"
},
{
"naughtyValue": "AUX"
},
{
"naughtyValue": "CLOCK$"
},
{
"naughtyValue": "NUL"
},
{
"naughtyValue": "A:"
},
{
"naughtyValue": "ZZ:"
},
{
"naughtyValue": "COM1"
},
{
"naughtyValue": "LPT1"
},
{
"naughtyValue": "LPT2"
},
{
"naughtyValue": "LPT3"
},
{
"naughtyValue": "COM2"
},
{
"naughtyValue": "COM3"
},
{
"naughtyValue": "COM4"
},
{
"naughtyValue": "DCC SEND STARTKEYLOGGER 0 0 0"
},
{
"naughtyValue": "Scunthorpe General Hospital"
},
{
"naughtyValue": "Penistone Community Church"
},
{
"naughtyValue": "Lightwater Country Park"
},
{
"naughtyValue": "Jimmy Clitheroe"
},
{
"naughtyValue": "Horniman Museum"
},
{
"naughtyValue": "shitake mushrooms"
},
{
"naughtyValue": "RomansInSussex.co.uk"
},
{
"naughtyValue": "http://www.cum.qc.ca/"
},
{
"naughtyValue": "Craig Cockburn, Software Specialist"
},
{
"naughtyValue": "Linda Callahan"
},
{
"naughtyValue": "Dr. Herman I. Libshitz"
},
{
"naughtyValue": "magna cum laude"
},
{
"naughtyValue": "Super Bowl XXX"
},
{
"naughtyValue": "medieval erection of parapets"
},
{
"naughtyValue": "evaluate"
},
{
"naughtyValue": "mocha"
},
{
"naughtyValue": "expression"
},
{
"naughtyValue": "Arsenal canal"
},
{
"naughtyValue": "classic"
},
{
"naughtyValue": "Tyson Gay"
},
{
"naughtyValue": "Dick Van Dyke"
},
{
"naughtyValue": "basement"
},
{
"naughtyValue": "If you're reading this, you've been in a coma for almost 20 years now. We're trying a new technique. We don't know where this message will end up in your dream, but we hope it works. Please wake up, we miss you."
},
{
"naughtyValue": "Roses are \u001b[0;31mred\u001b[0m, violets are \u001b[0;34mblue. Hope you enjoy terminal hue"
},
{
"naughtyValue": "But now...\u001b[20Cfor my greatest trick...\u001b[8m"
},
{
"naughtyValue": "The quic\b\b\b\b\b\bk brown fo\u0007\u0007\u0007\u0007\u0007\u0007\u0007\u0007\u0007\u0007\u0007x... [Beeeep]"
},
{
"naughtyValue": "Powerلُلُصّبُلُلصّبُررً ॣ ॣh ॣ ॣ冗"
},
{
"naughtyValue": "🏳0🌈️"
},
{
"naughtyValue": "జ్ఞ‌ా"
}
]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment