Featured vector

Firefox 0.0
<script src=data:0x2calert(1)></script>

Fuzz vector cloud

5,456,811 Successful fuzzes

Fuzz Vectors

Searching for "Anchor"

Your browser identified as

General Crawlers unknown

All vectors

Description	Vector	Created by
Characters that can be used to terminate entities in an href	<a href="javascript&colonchrlog(num)" id="fuzzelementnum">test</a>	@tifkin_
Characters allowed after domain	<a href="http://google.comchrbreakme" id="fuzzelementnum">test</a>	@avlidienbrunn
Characters allowed before http	<a href="http://chrgoogle.com" id="fuzzelementnum">test</a>	@avlidienbrunn
Characters allowed before slashes no protocol	<a href="chr//google.com" id="fuzzelementnum">test</a>	@garethheyes
Characters allowed inside slashes no protocol	<a href="/chr/google.com" id="fuzzelementnum">test</a>	@garethheyes
Characters allowed instead of slash 2	<a href="http:chrchrgoogle.com" id="fuzzelementnum">test</a>	@garethheyes
Characters allowed instead of slash	<a href="http:chrgoogle.com" id="fuzzelementnum">test</a>	@garethheyes
Characters allowed after slash	<a href="http:/chr/google.com" id="fuzzelementnum">test</a>	@garethheyes
Characters allowed inside http	<a href="htchrtp://google.com" id="fuzzelementnum">test</a>	@garethheyes
Characters allowed instead of forward slash in url	<a href="chrchrgoogle.com" id="fuzzelementnum">test</a>	@garethheyes
Characters allowed instead of colon in js url	<a href="javascriptchralert(1)" id="fuzzelementnum">test</a>	@garethheyes
Entities allowed instead of colon for js protocol	htmlStr = '<a href="javascript'+dataentities+'123">test</a>'; document.getElementById('placeholder').innerHTML = htmlStr; try { if(document.getElementById('placeholder').firstChild.protocol === 'javascript:') { customLog(dataentities); } }catch(e){};	@peksa
Entities allowed after js protocol	htmlStr = '<a href="javascript'+dataentities+':123">test</a>'; document.getElementById('placeholder').innerHTML = htmlStr; try { if(document.getElementById('placeholder').firstChild.protocol === 'javascript:') { customLog(dataentities); } }catch(e){};	@garethheyes
Entities allowed before js protocol	htmlStr = '<a href="'+dataentities+'javascript:123">test</a>'; document.getElementById('placeholder').innerHTML = htmlStr; try { if(document.getElementById('placeholder').firstChild.protocol === 'javascript:') { customLog(dataentities); } }catch(e){};	@garethheyes
Characters allowed after ampersand in named character references	<a href="javascript&chrcolon;log(num)" id="fuzzelementnum">test</a>	@_cweb
Characters in between protocol in js url	<a href="javaschrcript:alert(1)" id="fuzzelementnum">test</a>	@garethheyes
Characters allowed before protocol in js url	<a href="chrjavascript:alert(1)" id="fuzzelementnum">test</a>	@garethheyes
Characters allowed before colon in js url	<a href="javascriptchr:alert(1)" id="fuzzelementnum">test</a>	@garethheyes

Top fuzzers
insertScript (387)
garethheyes (256)
0x6D6172696F (51)
JohnathanKuskos (46)
heyheyheyhey10 (43)
tifkin_ (42)
palindrom (38)
Giutro (35)
0xAli (33)
i_bo0om (33)
albinowax (33)
jackmasa (33)
avlidienbrunn (30)
mramydnei1 (24)
peksa (21)
skeptic_fx (19)
D_Szameitat (19)
shafigullin (17)
irsdl (16)
goergr1 (15)

New users
deepsk79
agasfasgasdasds
the_yellow_fall
dovanson91
June_Dion
daige13
fall17691353
summer_poc
ketchupandbeer
jogibharat
palindrom
fubbp
sanjayrk143
bmantra
cnet62
sharath_unni
juliokurt
L0TExp
d0znpp
pnig0s

Popular recent vectors
slash bla htest
Comma analog in script src data

Latest vectors
Comma analog in script src data
slash bla htest
random test
Characters that eat JavaScript regex escapes
Characters that modify JavaScript regex character classes
test all
XSS Without Space Test 1
kinmens test
Single characters that break attribute names
Characters that expands the URL length (host no xn)

© 2017 Copyright Gareth Heyes