All categories
Browser Quirks
CSS Parsing
Character Encoding
DOM Behavior
Entity Parsing
HTML Parsing
JavaScript Syntax
Regular Expressions
URL Handling
XML Parsing
XSS Execution
Login
Home
Vectors
Categories
All vectors
Browser diffs
RSS
Network
Tools
Cheat sheet
Unicode table
Dynamic template
Blog
Blog home
RSS
Help
Home
Vectors
Categories
All vectors
Browser diffs
RSS
Network
Tools
Cheat sheet
Unicode table
Dynamic template
Blog
Blog home
RSS
Help
Randomizing...
disconnected
Distributed Fuzzing
Enabled:
Status:
disconnected
Your browser automatically contributes to distributed fuzzing when idle.
All Vectors
Vector name
User
Created
Type
Likes
5
5
5
5
Characters allowed before after onerror events
t0xodile
10/23/2025
XSS
1
⚠ Browser differences
34
35
34
34
HTML elements that parse differently when rendered
hackvertor
4/19/2024
XSS
1
⚠ Browser differences
12.7k
12.7k
2k
12.7k
Characters after https URI scheme which prevent URL parsing of href
Cillian-Collins
10/27/2025
XSS
1
1
1
1
Characters that change length on .toLowerCase()
JorianWoltjer
4/11/2024
JS
1
53
53
53
53
Characters allowed as start of HTML tag name
JorianWoltjer
1/30/2026
XSS
1
65
65
65
65
Characters matching RegEx /\w/ui
JorianWoltjer
12/5/2025
JS
1
18
18
18
18
Entities after protocol-relative URL
hackvertor
4/3/2026
JS
1
⚠ Browser differences
125
122
125
128
All events on window
hackvertor
5/31/2024
JS
1
⚠ Browser differences
3
1
3
1
Characters allowed at IPv6 but don't change the hostname
d0ge
6/10/2024
JS
1
1
1
1
Characters that can break out of an inline style background-image url
0xdef1ant
7/13/2024
XSS
1
⚠ Browser differences
312
312
312
314
Characters allowed at hostname
d0ge
6/11/2024
JS
1
5
5
5
5
Properties that contain URLs
hackvertor
5/31/2024
JS
2
15
15
15
15
HTML elements that are self closing or different text content
hackvertor
4/19/2024
XSS
2
25
25
25
25
Characters allowed after optional chaining
hackvertor
5/4/2024
JS
2
⚠ Browser differences
80
80
80
64
Characters allowed after hostname but don't change the hostname
ThomasOrlita
4/15/2024
JS
2
12
12
12
Unicode characters that get normalized into path traversal characters
hackvertor
12/12/2024
JS
2
3
3
3
3
Characters that can start an HTML comment
0x999-x
7/18/2024
HTML
2
⚠ Browser differences
47
47
47
31
Characters appended at the end of TLD within URL, which yield in the same Origin
hansmach1ne
1/5/2025
JS
2
2k
2k
2k
2k
Characters that cause exceptions when URL encoded
hackvertor
10/3/2024
JS
2
106
106
106
106
Named HTML entities that can be closed with !
avlidienbrunn
7/29/2025
XSS
2
Found
253
records
Page 12 of 13
«
4
5
6
7
8
9
10
11
12
13
»
