Swissky
d24e3f2d61
Merge pull request #497 from kz-cyber/xss/angular-xss-2
...
[update] Angular XSS payload
2022-09-07 00:34:29 +02:00
its0x08
31b213227e
fix: Fix more spelling
2022-08-09 11:05:40 +02:00
its0x08
fc1f3b25a7
fix: Fix spelling
2022-08-09 11:02:21 +02:00
khiemtq-cyber
507c493db2
Update Angular XSS
2022-05-07 12:55:15 +07:00
idealphase
6738f878f3
Updated README.md
...
Added References: Bypassing Signature-Based XSS Filters: Modifying Script Code
2022-04-19 10:45:32 +07:00
idealphase
de532030df
Merge branch 'swisskyrepo:master' into master
2022-04-19 10:43:04 +07:00
Swissky
85a50869f2
Merge pull request #482 from khiemtq-cyber/xss/angular-xss-1
...
[update] Angular XSS payload
2022-04-18 21:01:44 +02:00
Ooggle
39d1c6e7d8
Add document blacklist bypass
2022-04-09 12:55:21 +02:00
ktq-cyber
5d898e004f
[update] Angular XSS payload
2022-02-23 22:26:16 +07:00
idealphase
e9eac5ca59
Update README.md
2021-11-10 22:40:40 +07:00
idealphase
6c7df7dc4e
Update README.md
...
Add Bypass dot filter
2021-11-10 22:38:02 +07:00
Philippe Arteau
9d30f792d4
Remove filename with special characters.
...
The filename are already covered in `XSS Injection/README.md`
2021-10-29 12:56:55 -04:00
Philippe Arteau
16986febde
Remove filename with special characters.
...
The filename are already covered in `XSS Injection/README.md`
2021-10-29 12:56:41 -04:00
Philippe Arteau
7443da045a
Remove filename with special characters.
...
The filename are already covered in `XSS Injection/README.md`
2021-10-29 12:56:25 -04:00
Markus
7996b4f905
Update XSS README.md
...
Remove unnecessary complexity from CSP bypass payload
2021-10-01 16:10:23 +02:00
Lorenzo Grazian
7369ee28b3
Added XSS <object> payload
2021-09-02 15:14:29 +02:00
Swissky
1e85308ae2
Merge pull request #395 from daffainfo/patch-1
...
Adding Cloudflare XSS payload
2021-08-25 22:21:54 +02:00
Swissky
f89597725a
Merge pull request #416 from Bort-Millipede/master
...
Expression Language Injection One-Liners; XSS Payload; Fixed Linux Py…
2021-08-25 22:17:53 +02:00
Alexandre ZANNI
4791962be5
document.domain, window.origin and console.log usage
2021-08-24 20:29:02 +02:00
Jeffrey Cap
9bde75b32d
Expression Language Injection One-Liners; XSS Payload; Fixed Linux Python IPv6 Reverse Shell Payload
2021-08-23 14:41:40 -05:00
Swissky
87be30d3b2
DB2 Injection + ADCS
2021-08-10 23:00:19 +02:00
Xib3rR4dAr
ae98d629f0
Update README.md
...
Removed duplicates.
2021-08-04 09:29:24 +05:00
Swissky
1fd9260d1e
Update README.md
2021-07-31 11:28:23 +02:00
c14dd49h
ee12f8e480
Update README.md
2021-07-22 16:55:03 +02:00
c14dd49h
eddc716d8c
Update README.md
2021-07-22 14:47:36 +02:00
Muhammad Daffa
2b6c3cb360
Adding Cloudflare XSS payload
2021-07-15 12:48:02 +07:00
PinkDev1
21c1690adf
Fixed typo on "Tips" section
2021-06-16 19:24:17 +00:00
Swissky
62b897c936
Merge pull request #376 from noraj/patch-2
...
XSS: add quick tips for bXSS
2021-06-16 13:56:29 +02:00
Alexandre ZANNI
c469236204
XSS: add quick tips for bXSS
2021-06-16 13:25:46 +02:00
Alexandre ZANNI
8547ac7dfc
XSS: remove bluelotus
...
the project is empty
2021-06-16 13:18:08 +02:00
Swissky
08b59f2856
AD update CME+DCOM
2021-04-21 22:27:07 +02:00
linoskoczek
825295e465
Update README.md
...
Fix broken links in Summary
2021-03-18 19:16:59 +00:00
lapolis_aka_blu
6f758ba6c0
Added closing bracket in unicode full width bypass
...
Yeah I know it is logic to use it if you really need the closing tag. But having both brackets in your repo makes it quicker to copy paste :D
2021-01-15 16:38:51 +00:00
Swissky
f7e8f515a5
Application Escape and Breakout
2020-12-17 08:56:58 +01:00
Max Boll
2a65064d15
little update
2020-10-27 14:10:35 +01:00
Max Boll
350c55a1ac
XSS Tools added
2020-10-27 13:31:37 +01:00
Vincent Gilles
0b90094002
Fix(Docs): Correcting typos on the repo
2020-10-17 22:52:35 +02:00
Max Rodrigo
2f40961990
Fix PHP XSS data collector line breaks
2020-09-05 10:36:58 +02:00
Viren Pawar
0266a7dd67
[Update] Added 1 payload
...
Added one payload which executes without any usage of single or double quotes. Helpful when you have AngularJS injection but quotes are blocked by application.
Working proof of payload here:
https://portswigger-labs.net/xss/angularjs.php?type=reflected&csp=0&version=1.6.0&x= {{x=valueOf.name.constructor.fromCharCode;constructor.constructor(x(97,108,101,114,116,40,49,41))()}}
2020-08-15 16:29:13 +05:30
Swissky
c7e3ea005e
Powershell Remoting
2020-08-09 12:15:56 +02:00
Swissky
dd40ddd233
XSS summary subentries + GraphTCP
2020-07-12 14:44:33 +02:00
looCiprian
93a372cea4
Add jsfuck bypassing method to xss cheat sheet
2020-06-23 18:34:02 +02:00
reza.duty
010b550dec
Update README.md
2020-06-17 11:42:26 +04:30
reza.duty
03a0bda20d
Update README.md
2020-06-09 20:05:32 +04:30
Swissky
7f1c150edd
Mimikatz Summary
2020-05-10 16:17:10 +02:00
Thomas Orlita
d0bb0f6f5b
Update CSP Evaluator blog link
2020-05-10 10:32:51 +02:00
reza.duty
eb28e4c28d
add Self Closing Script
2020-05-06 22:57:55 +04:30
Swissky
5163ef902c
XSS Google Scholar Payload + Skeleton Key Persistence
2020-05-03 16:28:17 +02:00
Swissky
e9b296adb3
DoyenSec Payloads XSS Google Scholar
2020-05-02 14:31:33 +02:00
bohdansec
c4af354d8f
Update Cloudflare XSS bypasses
...
Add 3 bypasses by Bohdan Korzhynskyi. Update twitter
2020-04-22 00:51:36 +03:00