All categories
Browser Quirks
CSS Parsing
Character Encoding
DOM Behavior
Entity Parsing
HTML Parsing
JavaScript Syntax
Regular Expressions
URL Handling
Web APIs
XML Parsing
XSS Execution
Login
Home
Vectors
Categories
All vectors
Browser diffs
RSS
Stats
Performance
Features
Differences
Network
Tools
Cheat sheet
Unicode table
Dynamic template
Blog
Blog home
RSS
Help
Home
Vectors
Categories
All vectors
Browser diffs
RSS
Stats
Performance
Features
Differences
Network
Tools
Cheat sheet
Unicode table
Dynamic template
Blog
Blog home
RSS
Help
Fuzzing...
disconnected
Distributed Fuzzing
Enabled:
Status:
disconnected
Your browser automatically contributes to distributed fuzzing when idle.
All Vectors
Vector name
User
Created
Type
Likes
6
6
6
6
Chars allowed before style attribute...
t0xodile
10/25/2025
XSS
0
⚠ Browser differences
34
35
34
34
HTML elements that parse differently when rendered
hackvertor
4/19/2024
XSS
1
1
1
1
1
chars before img tags
t0xodile
10/25/2025
XSS
0
⚠ Browser differences
2k
2
2k
12.7k
Characters after https URI scheme which prevent URL parsing of href
Cillian-Collins
10/27/2025
XSS
1
7
7
7
7
Characters allowed while closing script tag
AyushXtha
10/27/2025
XSS
3
14
14
14
Active formatting elements
JorianWoltjer
5/1/2024
XSS
0
53
53
53
53
Characters allowed as start of HTML tag name
JorianWoltjer
1/30/2026
XSS
1
⚠ Browser differences
1.1M
65.5k
1.1M
65.5k
Characters allowed in middle of HTML tag name
JorianWoltjer
1/30/2026
XSS
1
1
1
1
Characters that can break out of an inline style with single quotes
0xdef1ant
7/13/2024
XSS
0
7
7
7
7
Characters Supported in </script> Tags
ghannu0x01
2/10/2026
XSS
0
6
6
6
6
Characters allowed in between start of HTML tag name and event handler
AyushXtha
3/4/2026
XSS
1
1
1
1
1
XSS vectors that execute automatically inside svg
hackvertor
4/17/2024
XSS
0
6
6
6
6
Characters allowed before event handler
AyushXtha
3/12/2026
XSS
1
6
6
6
Characters allowed before onerror events
hackvertor
3/30/2024
XSS
0
1
1
1
Characters allowed to break double quotes
p3n7a90n
6/30/2024
XSS
0
3
3
3
3
Characters that can be inserted in the middle of the JS protocol name
cold-try
4/15/2024
XSS
0
2
2
2
2
Characters that act as attribute quotes
hackvertor
5/28/2024
XSS
0
1
1
1
Characters that can break out of an inline style background-image url
0xdef1ant
7/13/2024
XSS
1
1
1
1
1
XSS vectors that execute automatically inside math
hackvertor
4/17/2024
XSS
0
18
18
18
18
Entities allowed between function call and number
hackvertor
7/2/2024
XSS
0
Found
280
records
Page 14 of 14
«
5
6
7
8
9
10
11
12
13
14