All categories
Browser Quirks
CSS Parsing
Character Encoding
DOM Behavior
Entity Parsing
HTML Parsing
JavaScript Syntax
Regular Expressions
URL Handling
Web APIs
XML Parsing
XSS Execution
Login
Home
Vectors
Categories
All vectors
Browser diffs
RSS
Stats
Performance
Features
Differences
Network
Tools
Cheat sheet
Unicode table
Dynamic template
Blog
Blog home
RSS
Help
Home
Vectors
Categories
All vectors
Browser diffs
RSS
Stats
Performance
Features
Differences
Network
Tools
Cheat sheet
Unicode table
Dynamic template
Blog
Blog home
RSS
Help
Obfuscating...
disconnected
Distributed Fuzzing
Enabled:
Status:
disconnected
Your browser automatically contributes to distributed fuzzing when idle.
All Vectors
Vector name
User
Created
Type
Likes
⚠ Browser differences
2
2
1
2
characters after slash that make a http protocol
InsertScript
4/3/2024
XSS
0
⚠ Browser differences
2
4
2
framers event executors
weizman
4/10/2024
XSS
0
1
1
1
Characters that can break out of an inline style with single quotes
0xdef1ant
7/13/2024
XSS
0
3
3
3
3
Entities that convert to greater than in a iframe srcdoc
hackvertor
8/1/2024
XSS
0
1
1
1
1
Characters allowed in-between hyphens
hackvertor
4/14/2024
XSS
1
2
2
2
2
Tags that HTML encode it's contents
hackvertor
7/16/2024
XSS
0
31
31
31
31
Characters allowed after malformed entities
hackvertor
7/1/2024
XSS
1
9
9
9
XSS vectors that consume tag
Y4tacker
11/5/2024
XSS
1
32
32
32
32
Characters that can precede the javascript protocol copy
rcbarnett
5/2/2024
XSS
0
31
31
31
31
Characters allowed after greater than in events
hackvertor
6/21/2024
XSS
0
4
4
4
Entities allowed between two forward slashes
InsertScript
9/19/2024
XSS
1
3
3
3
3
Characters that can be inserted in the middle of the JS protocol name
cold-try
4/15/2024
XSS
0
1
1
1
Characters allowed in colon entity
InsertScript
9/19/2024
XSS
0
1
1
1
Characters that can break out of an inline style background-image url
0xdef1ant
7/13/2024
XSS
1
4
4
4
4
Entities that cause an external URL before @
hackvertor
9/25/2024
XSS
4
78.6k
78.6k
78.6k
78.6k
Characters that cause the backslash to be consumed with GBK charset
hackvertor
11/7/2024
XSS
0
7
7
7
7
Characters that close or encapsulate HTML attribute values
ola456
11/5/2024
XSS
1
⚠ Browser differences
16
16
16
6
Entities allowed between function calls
hackvertor
6/29/2024
XSS
0
6
6
6
Characters allowed before onerror events
hackvertor
3/30/2024
XSS
0
2
2
2
2
Characters that act as attribute quotes
hackvertor
5/28/2024
XSS
0
Found
280
records
Page 1 of 14
1
2
3
4
5
6
7
8
9
10
»