Featured vector

No vectors found in the last 30 days

Fuzz vector cloud

3,384,742 Successful fuzzes

Fuzz Vectors

Searching for "string"

Your browser identified as

General Crawlers unknown

All vectors

Description	Vector	Created by
Characters that close strings in chrome 2	<!-- sample vector --> <script>var test = 'testchr;logChr(num);</script>	@Nomicon3
String quotes in JS context	<script>snum = chrnumchr;if (typeof snum == "string" && snum == "num") logChr(num);</script>	@blubbfiction
Characters that start JavaScript double quote strings	<script> chr"; logChr(num) </script>	@peksa
Characters that result in multiline strings	<script> var a = "chr "; logChr(num); </script>	@tifkin_
Characters allowed after string multiline separator	<script> var x = "asdf\chr asdf"; logChr(num); </script>	@tifkin_
String variables	<script> props=props.concat(Object.getOwnPropertyNames(window)); for(var i=-100;i<100;i++) { props.push(i); } props.forEach(function(){ if(''[arguments[0]])customLog(arguments[0]); }) </script>	@garethheyes
Characters eating backslash in javascript string 2	<script>if("x\chr".length==2) { log(num);}</script>	@mhswende
Characters eating backslash in javascript string	<script>if("x\chr".length==1) { log(num);}</script>	@mhswende
Characters ignored inside javascript string v2	<script>if("xchrx" == "xx") { log(num);}</script>	@mhswende
Uncode sequences generating illegitimate ASCII	<script> "\ud83d\uhex4".match(/.<./) ? log(num) : null; </script>	@0x6D6172696F
Characters consuming backslashes and breaking JS strings	<script>a='abc\chr\';log(num)//def';</script>	@0x6D6172696F
Characters breaking CSS strings allowing expression	"'`>ABC<div style="font-family:'foochr;x:expression(log(num));/*';">DEF	@0x6D6172696F
Characters ending CSS values allowing expressions	"'`>ABC<div style="font-family:'foo'chrx:expression(log(num));/*';">DEF	@0x6D6172696F

Top fuzzers
insertScript (592)
garethheyes (256)
0x6D6172696F (51)
i_bo0om (51)
JohnathanKuskos (46)
heyheyheyhey10 (43)
tifkin_ (42)
palindrom (38)
Giutro (35)
jackmasa (35)
albinowax (33)
0xAli (33)
avlidienbrunn (30)
mramydnei1 (24)
peksa (21)
skeptic_fx (19)
D_Szameitat (19)
ahpaleus (18)
shafigullin (17)
hyeim8 (16)

New users
samengmg
zeroroseinc
jin83971705
zentacross001
HackerNotFound
FaizalHasanwala
mr5827948
_ttffdd_
amrul_01
Aaaa32053280
HNThrowaway
Rezk0n
s0cket7
hyeim8
kuchuxaa
highjack_
AnderXploit
bobba93648920
Nomicon3
ArushiWish

Popular recent vectors
dunno
html elements that end scripts
Characters that close strings in chrome 2
svg xss
Saf2
xss 5
Name
Safari
XSS without par
After open bracket

Latest vectors
close tag construction unicode
close tag construction
After open bracket
uxss legend
uxssnd22
test22
nnbbbbbbbff
chars allowed between js commentmm
uxlld
uxll

© 2019 Copyright Gareth Heyes