Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/xsscx/commodity-injection-signatures

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
https://github.com/xsscx/commodity-injection-signatures

burp burpsuite exploit fuzzing header html http injection injection-signatures input javascript malicious poc random rce xss

Last synced: 2 days ago
JSON representation

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

Awesome Lists containing this project

README 

        
# XSS.Cx Public Repo

XNU VideoToolbox Fuzzer OSS Project



## whoami

I am David Hoyt.

  - https://hoyt.net

  - https://srd.cx

  - https://xss.cx

    

## Last Update: 22 JUNE 2024

- Added CVE-2024-38427 ICC Color Profile Sample PoC's

- Added CVE-2022-26730 ICC Color Profile Sample PoC's

- Added CVE Color Profile samples known to Crash many OS 

- https://srd.cx/cve-2022-26730/

- https://srd.cx/cve-2023-32443/

- Added PoC's from my CVE's in DemoMaxICC Reference Implementation [https://github.com/InternationalColorConsortium/DemoIccMAX]

  - Functionality in Skia, WebKit, Windows etc....

  - The color() function and custom color profiles are part of the CSS Colors Module Level 4, which is still a draft and not widely supported.



## About

- Commodity Injection Signatures

- Scraped Fresh from the Internet since 2015

- My PoC's from CVE's & Crashes 



## Suggested Use 

- Include with Burp Intruder or Custom Scripts

- Manual Injection Testing with Well-Known Signatures

- Automated Fuzzing with a Wide-Range with Malicious Inputs

- Abusing XNU, Windows or Linux   



### Recent Additions

- regex files to aid with apple security research device log analysis

- RBL focused on AD CDN's

- RBL focused on App Titles 

- XNU Crash Helpers for Apple Security Research Device circa 2023



### Pull Requests Welcome



__Happy Hunting!!__