xss-payload-list
big-list-of-naughty-strings
xss-payload-list | big-list-of-naughty-strings | |
---|---|---|
6 | 41 | |
5,661 | 45,861 | |
3.1% | - | |
0.0 | 0.0 | |
5 months ago | 22 days ago | |
Python | ||
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
xss-payload-list
-
XSS example
Like an example XSS payload? Go nuts: https://github.com/payloadbox/xss-payload-list
-
Go with PHP
Otherwise, only vague and unsubstantiated claims, which does not help PHP nor any other programming language or framework.
[] https://github.com/payloadbox/xss-payload-list
- SC
- A Summary of Fuzzing Tools and Dictionaries For Bug Bounty Hunters
- Cross Site Scripting ( XSS ) Vulnerability Payload List
-
Password protected website (no username) - best way in?
Tried it now, with the https://github.com/payloadbox/xss-payload-list/tree/master/Intruder list.
big-list-of-naughty-strings
- What's that touchscreen in my room?
-
Horrib
Related: https://github.com/minimaxir/big-list-of-naughty-strings
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
- The Big List of Naughty Strings
-
Super sorry to the guy with the username reset on GitHub
Sounds like we need to use the Big List Of Naughty Strings to weed out troublesome usernames...
https://github.com/minimaxir/big-list-of-naughty-strings
- API Security Testing
-
Discussion Thread
oh boy oh boy https://github.com/minimaxir/big-list-of-naughty-strings
-
100+ Must Know Github Repositories For Any Programmer
2. Big List of Naughty Strings
- A Summary of Fuzzing Tools and Dictionaries For Bug Bounty Hunters
- Damned dirty input
What are some alternatives?
ssti-payloads - 🎯 Server Side Template Injection Payloads
SecLists - SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
XSStrike - Most advanced XSS scanner.
CheatSheetSeries - The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
sql-injection-payload-list - 🎯 SQL Injection Payload List
ms-teams-rce
OWASP-Xenotix-XSS-Exploit-Framework - OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.
eslint-plugin-no-unsanitized - Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike
plugin-cloud-storage - The official cloud storage plugin for Payload
javascript-questions - A long list of (advanced) JavaScript questions, and their explanations :sparkles:
ppmap - A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
content - The content behind MDN Web Docs