Featured vector

Fuzz vector cloud

907,629 Successful fuzzes

Shazzer

User information

Username	Points
@garethheyes	126

Vectors created
Array variables
Attribute separators
Characters allowed after asterix in CSS comments
Characters allowed after attribute name
Characters allowed after colon in url
Characters allowed after colon in url (no slashes)
Characters allowed after paren rule
Characters allowed after script
Characters allowed after slash in url
Characters allowed as gt in url
Characters allowed as h in http
Characters allowed as lt in url
Characters allowed as s in url
Characters allowed as slash in url
Characters allowed as _ in url
Characters allowed before a JavaScript function
Characters allowed before attribute name
Characters allowed before colon in js url
Characters allowed before CSS properties
Characters allowed before paren
Characters allowed before protocol in js url
Characters allowed between slashes
Characters before img
Characters before paren in Javascript call
Characters before rgb
Characters before script
Characters between rgb
Characters in between protocol in js url
Characters separating attributes without quotes
Characters separating attributes without quotes after hash
Characters that are new lines
Characters that are spaces
Characters that break out of script variables
Characters that close a HTML comment
Characters that close JS Comments
Characters that trigger a new attr after new line
Document body variables
Document variables
Does this browser support e4x
Events in tags with src or href that execute javascript
Function variables
Hex characters allowed after asterix in CSS comments
Iframe contentDocument properties
Iframe contentWindow properties
NULL Characters inside JavaScript properties
Number variables
Object variables
Opening paren expression check
Quoteless attributes breaker
Regexp variables
String variables
Tags and events that execute javascript
Tags and events that execute javascript 2
Tags that execute onerror
Valid characters after expression
Valid characters after expression 2
Valid characters after expression 3
Valid characters after expression 4
Window variables

Top fuzzers
garethheyes (126)
0x6D6172696F (48)
jackmasa (33)
0xAli (20)
shafigullin (15)
thewildcat (12)
albinowax (12)
superevr (8)
mhswende (8)
MisterJyu (6)
avlidienbrunn (3)
secalert (3)
DuncanWinfrey (3)
_cweb (3)
theKos (2)
thetestmanager (2)
notxssninja (2)
ethicalhack3r (2)
g4l4drim (1)
tentacolo_Viola (1)

New users
blackthorne
evilpacket
wondermedia1
41w4r10r
skeptic_fx
notxssninja
DOMXss
_Pr3nk_
upnorthtrip
sejournals
HideIsShazzing
Sidhpurwala
asintsov
Milad_Bahari
securityshell
Voulnet
PunchyStickMeh
secalert
An0nemuz
albinofoo

Popular vectors
Characters allowed for padding in a data URI 001
Characters allowed after attribute name
Character between lt and slash in closing tag
Characters that close a HTML comment
Characters allowed for padding in a VBS URI 002
Characters allowed before attribute name
Characters allowed before CSS properties
Characters allowed for padding in a VBS URI 001
Characters allowed before a JavaScript function
NULL Characters inside JavaScript properties

Latest vectors
Characters that break out of script variables
Char that allows you to act as a slash in closing tag 2
Characters that close a HTML comment 3
Characters that are spaces
Characters that are new lines
Attribute separators
Characters separating attributes without quotes after hash
Characters separating attributes without quotes
JS in img src for selfxss
Char after lt

Vectors not scanned by this browser
Characters that break out of script variables
Char that allows you to act as a slash in closing tag 2
Characters that close a HTML comment 3
Characters that are spaces
Characters that are new lines
Attribute separators
Characters separating attributes without quotes after hash
Characters separating attributes without quotes
JS in img src for selfxss
Char after lt

© 2012 Copyright Gareth Heyes