{"id":13842790,"url":"https://github.com/xsscx/Commodity-Injection-Signatures","last_synced_at":"2025-07-11T15:33:07.364Z","repository":{"id":26676717,"uuid":"30133372","full_name":"xsscx/Commodity-Injection-Signatures","owner":"xsscx","description":"Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT","archived":false,"fork":false,"pushed_at":"2024-07-18T19:29:02.000Z","size":6342,"stargazers_count":390,"open_issues_count":0,"forks_count":119,"subscribers_count":14,"default_branch":"master","last_synced_at":"2024-11-18T01:02:06.878Z","etag":null,"topics":["burp","burpsuite","exploit","fuzzing","header","html","http","injection","injection-signatures","input","javascript","malicious","poc","random","rce","xss"],"latest_commit_sha":null,"homepage":"https://srd.cx","language":"HTML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/xsscx.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["xsscx"]}},"created_at":"2015-02-01T02:06:13.000Z","updated_at":"2024-10-31T13:25:20.000Z","dependencies_parsed_at":"2024-05-01T23:37:30.523Z","dependency_job_id":"c9f2a1b0-41a4-406a-a8d8-b74df9b317a7","html_url":"https://github.com/xsscx/Commodity-Injection-Signatures","commit_stats":null,"previous_names":[],"tags_count":0,"template":true,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xsscx%2FCommodity-Injection-Signatures","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xsscx%2FCommodity-Injection-Signatures/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xsscx%2FCommodity-Injection-Signatures/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/xsscx%2FCommodity-Injection-Signatures/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/xsscx","download_url":"https://codeload.github.com/xsscx/Commodity-Injection-Signatures/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225737130,"owners_count":17516291,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["burp","burpsuite","exploit","fuzzing","header","html","http","injection","injection-signatures","input","javascript","malicious","poc","random","rce","xss"],"created_at":"2024-08-04T17:01:46.318Z","updated_at":"2024-11-21T13:31:09.366Z","avatar_url":"https://github.com/xsscx.png","language":"HTML","readme":"# XSS.Cx Public Repo\n\u003cimg src=\"https://xss.cx/2024/05/20/img/xnu-videotoolbox-fuzzer-objective-c-code-project-example.webp\" alt=\"XNU VideoToolbox Fuzzer OSS Project\" style=\"height:1024px; width:1024px;\"/\u003e\n\n## whoami\nI am David Hoyt.\n  - https://hoyt.net\n  - https://srd.cx\n  - https://xss.cx\n    \n## Last Update: 22 JUNE 2024\n- Added CVE-2024-38427 ICC Color Profile Sample PoC's\n- Added CVE-2022-26730 ICC Color Profile Sample PoC's\n- Added CVE Color Profile samples known to Crash many OS \n- https://srd.cx/cve-2022-26730/\n- https://srd.cx/cve-2023-32443/\n- Added PoC's from my CVE's in DemoMaxICC Reference Implementation [https://github.com/InternationalColorConsortium/DemoIccMAX]\n  - Functionality in Skia, WebKit, Windows etc....\n  - The color() function and custom color profiles are part of the CSS Colors Module Level 4, which is still a draft and not widely supported.\n\n## About\n- Commodity Injection Signatures\n- Scraped Fresh from the Internet since 2015\n- My PoC's from CVE's \u0026 Crashes \n\n## Suggested Use \n- Include with Burp Intruder or Custom Scripts\n- Manual Injection Testing with Well-Known Signatures\n- Automated Fuzzing with a Wide-Range with Malicious Inputs\n- Abusing XNU, Windows or Linux   \n\n### Recent Additions\n- regex files to aid with apple security research device log analysis\n- RBL focused on AD CDN's\n- RBL focused on App Titles \n- XNU Crash Helpers for Apple Security Research Device circa 2023\n\n### Pull Requests Welcome\n\n__Happy Hunting!!__\n","funding_links":["https://github.com/sponsors/xsscx"],"categories":["HTML"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxsscx%2FCommodity-Injection-Signatures","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fxsscx%2FCommodity-Injection-Signatures","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxsscx%2FCommodity-Injection-Signatures/lists"}