Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/renwax23/xss-payloads

List of XSS Vectors/Payloads
https://github.com/renwax23/xss-payloads

Last synced: 3 months ago
JSON representation

List of XSS Vectors/Payloads

Lists

README 

        
# XSS-Payloads

# [XSS-Payloads Without Parentheses](https://github.com/RenwaX23/XSS-Payloads/blob/master/Without-Parentheses.md)

List of XSS Vectors/Payloads i have been collecting since 2015 from different resources like websites,tweets,books..



You can use them to bypass WAF and find XSS vulnerabilities, i will try to update the list as possible.



I collected most of them and they have real authors, i can't remember where i got each one of them so i can give credit sorry. If you own any payload want to be mentioned or removed just ping me on Twitter.



**Payloads.txt** is no longer updated and most of the payloads are outdated, please refer to [PORTSWIGGER XSS cheat sheet](https://portswigger.net/web-security/cross-site-scripting/cheat-sheet) for best XSS payloads



Other good sources for XSS:



[PORTSWIGGER XSS cheat sheet](https://portswigger.net/web-security/cross-site-scripting/cheat-sheet)



[HTML5 Security Cheatsheet](https://html5sec.org/)



[XSS Payloads Twitter](https://twitter.com/xsspayloads)



[AwesomeXSS](https://github.com/s0md3v/AwesomeXSS)



[Brutelogic Blog](http://brutelogic.com.br/blog/)



[XSS Cheat Sheet](https://leanpub.com/xss)



[Pgaijin66 XSS-Payloads](https://github.com/Pgaijin66/XSS-Payloads)



[Swisskyrepo PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XSS%20injection)



[OWASP XSS](https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet)



Any suggestion or improvements contact me:



[Twitter](https://twitter.com/RenwaX23)