All categories
Browser Quirks
CSS Parsing
Character Encoding
DOM Behavior
Entity Parsing
HTML Parsing
JavaScript Syntax
Regular Expressions
URL Handling
XML Parsing
XSS Execution
Login
Home
Vectors
Categories
All vectors
Browser diffs
RSS
Network
Tools
Cheat sheet
Unicode table
Dynamic template
Blog
Blog home
RSS
Help
Home
Vectors
Categories
All vectors
Browser diffs
RSS
Network
Tools
Cheat sheet
Unicode table
Dynamic template
Blog
Blog home
RSS
Help
Bamboozling...
disconnected
Distributed Fuzzing
Enabled:
Status:
disconnected
Your browser automatically contributes to distributed fuzzing when idle.
All Vectors
Vector name
User
Created
Type
Likes
12
12
12
Unicode characters that get normalized into path traversal characters
hackvertor
12/12/2024
JS
2
⚠ Browser differences
80
80
80
64
Characters allowed after hostname but don't change the hostname
ThomasOrlita
4/15/2024
JS
2
1
1
1
1
Characters allowed in-between hyphens
hackvertor
4/14/2024
XSS
1
⚠ Browser differences
1
1
1
89
Characters unencoded characters supported in the hash
hackvertor
9/24/2024
JS
1
1
1
1
Entities allowed between two forward slashes
InsertScript
9/19/2024
XSS
1
⚠ Browser differences
39
1
39
39
HTML tags that force HTML mode inside SVG
hackvertor
8/2/2024
XSS
1
40
40
40
JavaScript Scheme starting with http
BinaryScary
7/16/2024
JS
1
1
1
1
1
Characters between < and element name
ThomasOrlita
4/15/2024
HTML
1
⚠ Browser differences
2
1
2
JIS X 0208 bytes that produce ASCII characters
JorianWoltjer
9/22/2024
JS
1
577
577
577
577
Entities allowed as JS variables
hackvertor
7/2/2024
XSS
1
1
1
1
Includes Validation Chars Allowed
Simpsonpt
10/8/2024
JS
1
6
6
6
ToUpperCase Improper Character Morphing
IDKdir
7/13/2024
JS
1
1
1
1
Characters that can break out of an inline style background-image url
0xdef1ant
7/13/2024
XSS
1
31
31
31
31
Characters allowed after malformed entities
hackvertor
7/1/2024
XSS
1
⚠ Browser differences
3
1
3
1
Characters allowed at IPv6 but don't change the hostname
d0ge
6/10/2024
JS
1
⚠ Browser differences
124
122
124
128
All events on window
hackvertor
5/31/2024
JS
1
⚠ Browser differences
312
311
312
314
Characters allowed at hostname
d0ge
6/11/2024
JS
1
⚠ Browser differences
65.5k
65.5k
65.5k
75
Characters not urlencoded when using the credentials part of the URL
hackvertor
5/28/2024
JS
1
1
1
1
Characters that change length on .toLowerCase()
JorianWoltjer
4/11/2024
JS
1
⚠ Browser differences
34
35
34
34
HTML elements that parse differently when rendered
hackvertor
4/19/2024
XSS
1
Found
245
records
Page 2 of 13
«
1
2
3
4
5
6
7
8
9
10
»
