9000+ xss payloads 大全 | xss payloads collect

9000+ xss payloads 大全 | xss payloads collect

xss payloads

XSS Vectors Cheat Sheet

为了避免发生弹窗或者不可预测的bug,此处就不放xss代码了,xss的payloads已经全部去重放在txt中,可自行去复制粘贴。

除了常规的xss,还包含了各类绕过waf的payload。bypass waf

9000+ xss payloads 大全 | xss payloads collect

xss payloads 地址:

https://www.ddosi.org/xss.txt 9218个

9000+ xss payloads 大全 | xss payloads collect

xss项目地址

  1. github.com/swisskyrepo/PayloadsAllTheThings
  2. PORTSWIGGER XSS cheat sheet
  3. HTML5 Security Cheatsheet
  4. XSS Payloads Twitter
  5. AwesomeXSS
  6. Brutelogic Blog
  7. XSS Cheat Sheet
  8. Pgaijin66 XSS-Payloads
  9. Swisskyrepo PayloadsAllTheThings
  10. OWASP XSS

注意事项

本文未必更新及时,xss代码每日都在更新,可自行到如下网址进行更新。

https://xss.js.org/

https://xss.js.org/xss01.md

https://xss.js.org/xss02.md

https://xss.js.org/xss03.md

https://xss.js.org/xss04.md

https://xss.js.org/xss05.md

github.com/evai1/PayloadFix/blob/master/XssPayload.txt

gist.github.com/kurobeats/9a613c9ab68914312cbb415134795b45

自己到网页上复制粘贴使用

Cross-site scripting (XSS) cheat sheet

portswigger.net/web-security/cross-site-scripting/cheat-sheet

9000+ xss payloads 大全 | xss payloads collect

PDF下载:

cross-site-scripting/cheat-sheet.pdf

转载请注明出处及链接

Leave a Reply

您的电子邮箱地址不会被公开。 必填项已用*标注