minimaxir
/
big-list-of-naughty-strings
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
273 Commits
1 Branch
0 Tags
389 KiB
Commit Graph

273 Commits (master)

Author SHA1 Message Date
Max Woolf db33ec7b1d
Merge pull request #226 from caasi/patch-1 
Index XSS strings
 2021-04-17 12:05:45 -07:00
Isaac Huang 18a88989da
Index XSS strings 2021-04-15 18:14:18 +08:00
Max Woolf 894882e7d1
Merge pull request #211 from doroshenko/master 
Added emoji zwj sequences
 2020-05-25 19:39:03 -07:00
Max Woolf f356d4d460
Merge pull request #210 from tryauuum/master 
added jinja2 injections
 2020-05-25 19:38:43 -07:00
Dmytro Doroshenko b2eada7e9c Added emoji zwj sequences 
The following are the recommended emoji zwj sequences, which use a U+200D ZERO WIDTH JOINER (ZWJ) to join the characters into a single glyph if available. When not available, the ZWJ characters are ignored and a fallback sequence of separate emoji is displayed.
 2020-05-24 20:30:36 +03:00
trya 0d5fd11f90 added jinja2 injections 2020-05-18 22:42:34 +03:00
Max Woolf 9c25300f66
Merge pull request #209 from xeroskiller/patch-1 
Added tSQL-specific injection string
 2020-05-14 19:09:05 -07:00
Travis Manning 494b425a84
Update blns.json 
Added same string to JSON file;
 2020-05-14 09:08:00 -04:00
Travis Manning a9bae33a08
Added tSQL-specific injection string 
Leverages built in sproc to drop all tables, instead of guessing a table name;
 2020-05-14 08:59:56 -04:00
Max Woolf ff8b1b2105
Merge pull request #206 from mattsparks/master 
Adding PHP library
 2020-04-19 09:13:24 -07:00
Max Woolf 84c8b77529
Merge branch 'master' into master 2020-04-19 09:13:17 -07:00
Max Woolf eec4732aac
Merge pull request #207 from eliabieri/master 
Added C++ library to README
 2020-04-19 09:12:47 -07:00
Elia Bieri cc044ae2c6
Added C++ library to README 2020-03-14 18:27:40 +01:00
Matt Sparks 8ed783b263 Adding PHP library 2020-03-14 13:21:09 -04:00
Max Woolf e1968d9821
Update LICENSE 2020-01-02 17:43:49 -08:00
Max Woolf 1bed88ff7e
Merge pull request #165 from TheJambo/master 
Added Ogham Text
 2019-12-01 15:20:26 -08:00
Max Woolf 2f3806eaf3
Merge branch 'master' into master 2019-12-01 15:20:19 -08:00
Max Woolf f52b00a81d
Merge pull request #169 from jasonrobot/master 
Added a string with RTL text and LTR numbers in parentheses.
 2019-12-01 15:17:31 -08:00
Max Woolf af8aad525f
Merge pull request #172 from emeth-/patch-1 
Update README.md with new hackernews thread
 2019-12-01 15:08:12 -08:00
Max Woolf 223fe04187
Merge branch 'master' into patch-1 2019-12-01 15:08:06 -08:00
Max Woolf 1184da10cd
Merge pull request #173 from noahkiss/patch-1 
Update README.md
 2019-12-01 15:07:29 -08:00
Max Woolf 27f72668d5
Merge pull request #175 from l0b0/master 
Fix Base64 encoding shell script
 2019-12-01 14:34:50 -08:00
Max Woolf 88678567a0
Merge branch 'master' into master 2019-12-01 14:34:41 -08:00
Max Woolf 1fb6d03960
Merge pull request #180 from GantMan/patch-1 
Add known packages to Readme
 2019-12-01 14:18:28 -08:00
Max Woolf 50dc1c1e7a
Merge pull request #179 from DominikHerold/master 
add new emojis from Emoji Version 11.0
 2019-12-01 14:18:07 -08:00
Max Woolf c78eaee5d7
Merge pull request #191 from dmolesUC/go-module 
Add Go 1.11+ module file
 2019-12-01 14:13:43 -08:00
Max Woolf 4d918a4a0f
Merge pull request #193 from fluidkeys/introduce-makefile 
introduce makefile to generate internal/resource.go
 2019-12-01 14:00:08 -08:00
Max Woolf 56c1923bbe
Merge pull request #195 from mikesamuel/patch-1 
Adds `constructor`
 2019-12-01 13:59:42 -08:00
Max Woolf 4d8a61a12b
Merge pull request #198 from MohamadKh75/master 
Add Persian special characters
 2019-12-01 13:37:04 -08:00
Max Woolf 0c22978566
Merge branch 'master' into master 2019-12-01 13:36:56 -08:00
Max Woolf b5ac11be9d
Merge pull request #192 from dmolesUC/regen-resource-go 
Regenerate resource.go
 2019-11-29 16:54:02 -08:00
Max Woolf a179724c00
Merge pull request #200 from Miha-x64/patch-1 
Added Deseret string
 2019-11-28 19:02:51 -08:00
Mike 9644d2c9ec
Added Deseret string to JSON 2019-10-25 17:10:12 +03:00
Mike b105d60873
added Deseret string 
Deseret characters are located within U+010000..U+10FFFF range and use surrogate pairs even in UTF-16, i. e. use two 'words' (erroneously called 'char's in Java).
 2019-09-17 13:44:32 +03:00
MohamadKh75 af2ac4b939 Add Persian special characters 2019-07-07 11:33:49 +04:30
Mike Samuel 71a3013953
Adds `constructor` 
`constructor` is the only lowercase identifier that is `in` all JavaScript objects, and can be involved in obscure XSS so can be used to abuse code that uses JavaScript objects as lookup tables.

```js
var empty = {};
if ('constuctor' in empty && empty['constructor']) {
  // runs
}
empty['constructor']['constructor']('alert(1)')();  // Parses and runs 
```
 2019-02-22 13:29:07 -05:00
Ian Drysdale 993cfe4b4b
introduce makefile to generate internal/resource.go 2019-01-31 17:45:31 +00:00
David Moles 5b32c5ef5e Add Go 1.11+ module file 2019-01-29 15:46:54 -08:00
David Moles 9ebf526b62 Regenerate resource.go 2019-01-29 15:36:13 -08:00
Gant Laborde 7624f6faa3
Add known packages to Readme 
I almost created a node package, it's good to know others are out there, as discussed in #174
 2018-11-19 08:52:29 -06:00
Dominik Herold ee14f466fd add new emojis from Emoji Version 11.0 2018-11-17 23:27:38 +01:00
Victor Engmark 770dd1b426 Regenerate Base64 files 2018-11-17 07:14:50 +13:00
Victor Engmark b2722e6b19 Avoid globbing and word splitting when expanding variables 2018-11-17 07:10:25 +13:00
Victor Engmark ea0be30283 Don't mangle backspaces in input 
Shellcheck test SC2162.
 2018-11-17 07:09:34 +13:00
Victor Engmark 701f1264f4 Fail fast in case of programming or runtime errors 2018-11-17 07:09:00 +13:00
Victor Engmark d0a73016d5 Add a shebang line 
As recommended by shellcheck.
 2018-11-17 07:08:19 +13:00
Victor Engmark 6bcf08beb1 Rename variable for clarity 2018-11-17 07:07:07 +13:00
Victor Engmark e974868c76 Use idiomatic test statements 2018-11-17 07:06:34 +13:00
Victor Engmark 70e19cae9f Avoid unnecessary semicolons 2018-11-17 07:05:33 +13:00
Victor Engmark d5a7cb5473 Fix indentation 2018-11-17 07:05:10 +13:00