Featured vector

Firefox 0.0
 <0x3cimg src='about:blank' onerror=alert(1)>

Fuzz vector cloud

3,344,426 Successful fuzzes

Fuzz Vectors

Searching for "Comments"

Your browser identified as

General Crawlers unknown

All vectors

Description	Vector	Created by
Characters that close a HTML comment 4	<!-- --chr> <img src=xxx:x onerror=log(num)> -->	@irsdl
Things that break from URIs javascript comments	<a href="javascript://chrlogChr(num)">aaa</a>	@0xAli
Characters that escape JavaScript single line comments	<script> // hmm chrlogChr(num) </script>	@peksa
Characters that close a HTML comment 0021	<!--chr><img src=xxx:x onerror=log(num)> -->	@matttiko
Characters to break VBScript comments	<script language="vbscript"> 'chrlog(num)' </script>	@0x6D6172696F
Characters allowed in between dashes to end html comments	<!-- -chr-> <script>logChr(num)</script> -->	@JohnathanKuskos
Characters that close a HTML comment 3	--><!-- -chr-> <img src=xxx:x onerror=log(num)> -->	@DOMXss
Hex characters allowed after asterix in CSS comments	<div id="fuzzelementnum" style="/*\hex2*/;color:#000000;"></div>	@garethheyes
Characters allowed after asterix in CSS comments	<div id="fuzzelementnum" style="/**chr/;color:#000000;"></div>	@garethheyes
Characters that close a HTML comment 002	<!--chr<img src=xxx:x onerror=log(num)> -->	@0x6D6172696F
Characters escaping JS comment delimiters 001	<script>/* *chr/log(num)// */</script>	@0x6D6172696F
Characters that close JS Comments	'"`><script>/* *chrlog(num)// */</script>	@garethheyes
Characters that close a HTML comment	--><!-- --chr> <img src=xxx:x onerror=log(num)> -->	@garethheyes

Top fuzzers
insertScript (588)
garethheyes (256)
i_bo0om (51)
0x6D6172696F (51)
JohnathanKuskos (46)
heyheyheyhey10 (43)
tifkin_ (42)
palindrom (38)
jackmasa (35)
Giutro (35)
0xAli (33)
albinowax (33)
avlidienbrunn (30)
mramydnei1 (24)
peksa (21)
D_Szameitat (19)
skeptic_fx (19)
shafigullin (17)
irsdl (16)
goergr1 (15)

New users
supriza0
RobinsonLiamr
zhu87069511
alxbrsn
malerisch
theonionjr
634235622
D0WNSOME
bugtest009
circl_lastname
yougina
1lastBr3ath
0xUnl1nk
notharryisgamer
abdilahrf
hishammahmood41
AbhayNayar
goija
moweiyang02141
1baicai1

Popular recent vectors
allowed characters in entities
Equal
Characters used for event handlers instead of equal sign
Valid characters in on____ event handler attributes
33333333333333
charsThatCloseAMutatedComment
sdf2222222222222222
After reference
http test
On Event Header Based Testing

Latest vectors
dunno
break out of img src
testingxx
char after event
qqqsqdqd test
htm test2
http test
On Event Header Based Testing
After reference
Valid characters in on____ event handler attributes

© 2019 Copyright Gareth Heyes