Featured vector

Default Browser 0.0
 <img src onerror0x0a=0x0aalert(1)>

Fuzz vector cloud

3,403,239 Successful fuzzes

Fuzz Vectors

Searching for "string"

Your browser identified as

General Crawlers unknown

All vectors

Description	Vector	Created by
Characters that close strings in chrome 2	<!-- sample vector --> <script>var test = 'testchr;logChr(num);</script>	@Nomicon3
String quotes in JS context	<script>snum = chrnumchr;if (typeof snum == "string" && snum == "num") logChr(num);</script>	@blubbfiction
Characters that start JavaScript double quote strings	<script> chr"; logChr(num) </script>	@peksa
Characters that result in multiline strings	<script> var a = "chr "; logChr(num); </script>	@tifkin_
Characters allowed after string multiline separator	<script> var x = "asdf\chr asdf"; logChr(num); </script>	@tifkin_
String variables	<script> props=props.concat(Object.getOwnPropertyNames(window)); for(var i=-100;i<100;i++) { props.push(i); } props.forEach(function(){ if(''[arguments[0]])customLog(arguments[0]); }) </script>	@garethheyes
Characters eating backslash in javascript string 2	<script>if("x\chr".length==2) { log(num);}</script>	@mhswende
Characters eating backslash in javascript string	<script>if("x\chr".length==1) { log(num);}</script>	@mhswende
Characters ignored inside javascript string v2	<script>if("xchrx" == "xx") { log(num);}</script>	@mhswende
Uncode sequences generating illegitimate ASCII	<script> "\ud83d\uhex4".match(/.<./) ? log(num) : null; </script>	@0x6D6172696F
Characters consuming backslashes and breaking JS strings	<script>a='abc\chr\';log(num)//def';</script>	@0x6D6172696F
Characters breaking CSS strings allowing expression	"'`>ABC<div style="font-family:'foochr;x:expression(log(num));/*';">DEF	@0x6D6172696F
Characters ending CSS values allowing expressions	"'`>ABC<div style="font-family:'foo'chrx:expression(log(num));/*';">DEF	@0x6D6172696F

Top fuzzers
insertScript (679)
garethheyes (256)
i_bo0om (51)
0x6D6172696F (51)
JohnathanKuskos (46)
heyheyheyhey10 (43)
tifkin_ (42)
palindrom (38)
Giutro (35)
jackmasa (35)
albinowax (33)
0xAli (33)
avlidienbrunn (30)
mramydnei1 (24)
Lamp_AE (22)
peksa (21)
D_Szameitat (19)
skeptic_fx (19)
ahpaleus (18)
irsdl (18)

New users
Lamp_AE
HackingBrowser
y3gou666
jeem36800855
KagamigawaAlter
AugustoMunue
tunaninhesabi
s0md3v
DrStache_
Goo85383451
molenzwiebel
BenjaminFreyArt
itszn13
Khangarood
edu_nuri
TOXXIC_407
PondMido
h0n3yc4k3
samengmg
zeroroseinc

Popular recent vectors
Just testing man
testxx
Unicode characters that normalize to a dot in URLs
test2
test_browser_backdoor
Tags with Onerror
Characters that can go on either side of in attribute
Valid HTML Attribute Seperators
Tags with JS capable Events

Latest vectors
Tags with JS capable Events
Tags with Onerror
Characters that can go on either side of in attribute
Valid HTML Attribute Seperators
Unicode characters that normalize to a dot in URLs
test2
test_browser_backdoor
Just testing man
testxx
characters that can assign values to attributes

© 2019 Copyright Gareth Heyes