mirror of https://github.com/minimaxir/big-list-of-naughty-strings.git synced 2025-09-02 18:32:40 +02:00

273 Commits

Author SHA1 Message Date
Max Woolf
db33ec7b1d Merge pull request #226 from caasi/patch-1
Index XSS strings
2021-04-17 12:05:45 -07:00
Isaac Huang
18a88989da Index XSS strings 2021-04-15 18:14:18 +08:00
Max Woolf
894882e7d1 Merge pull request #211 from doroshenko/master
Added emoji zwj sequences
2020-05-25 19:39:03 -07:00
Max Woolf
f356d4d460 Merge pull request #210 from tryauuum/master
added jinja2 injections
2020-05-25 19:38:43 -07:00
Dmytro Doroshenko
b2eada7e9c Added emoji zwj sequences
The following are the recommended emoji zwj sequences, which use a U+200D ZERO WIDTH JOINER (ZWJ) to join the characters into a single glyph if available. When not available, the ZWJ characters are ignored and a fallback sequence of separate emoji is displayed.
2020-05-24 20:30:36 +03:00
trya
0d5fd11f90 added jinja2 injections 2020-05-18 22:42:34 +03:00
Max Woolf
9c25300f66 Merge pull request #209 from xeroskiller/patch-1
Added tSQL-specific injection string
2020-05-14 19:09:05 -07:00
Travis Manning
494b425a84 Update blns.json
Added same string to JSON file.
2020-05-14 09:08:00 -04:00
Travis Manning
a9bae33a08 Added tSQL-specific injection string
Leverages built-in sproc to drop all tables, instead of guessing a table name.
2020-05-14 08:59:56 -04:00
Max Woolf
ff8b1b2105 Merge pull request #206 from mattsparks/master
Adding PHP library
2020-04-19 09:13:24 -07:00
Max Woolf
84c8b77529 Merge branch 'master' into master 2020-04-19 09:13:17 -07:00
Max Woolf
eec4732aac Merge pull request #207 from eliabieri/master
Added C++ library to README
2020-04-19 09:12:47 -07:00
Elia Bieri
cc044ae2c6 Added C++ library to README 2020-03-14 18:27:40 +01:00
Matt Sparks
8ed783b263 Adding PHP library 2020-03-14 13:21:09 -04:00
Max Woolf
e1968d9821 Update LICENSE 2020-01-02 17:43:49 -08:00
Max Woolf
1bed88ff7e Merge pull request #165 from TheJambo/master
Added Ogham Text
2019-12-01 15:20:26 -08:00
Max Woolf
2f3806eaf3 Merge branch 'master' into master 2019-12-01 15:20:19 -08:00
Max Woolf
f52b00a81d Merge pull request #169 from jasonrobot/master
Added a string with RTL text and LTR numbers in parentheses.
2019-12-01 15:17:31 -08:00
Max Woolf
af8aad525f Merge pull request #172 from emeth-/patch-1
Update README.md with new hackernews thread
2019-12-01 15:08:12 -08:00
Max Woolf
223fe04187 Merge branch 'master' into patch-1 2019-12-01 15:08:06 -08:00
Max Woolf
1184da10cd Merge pull request #173 from noahkiss/patch-1
Update README.md
2019-12-01 15:07:29 -08:00
Max Woolf
27f72668d5 Merge pull request #175 from l0b0/master
Fix Base64 encoding shell script
2019-12-01 14:34:50 -08:00
Max Woolf
88678567a0 Merge branch 'master' into master 2019-12-01 14:34:41 -08:00
Max Woolf
1fb6d03960 Merge pull request #180 from GantMan/patch-1
Add known packages to Readme
2019-12-01 14:18:28 -08:00
Max Woolf
50dc1c1e7a Merge pull request #179 from DominikHerold/master
add new emojis from Emoji Version 11.0
2019-12-01 14:18:07 -08:00
Max Woolf
c78eaee5d7 Merge pull request #191 from dmolesUC/go-module
Add Go 1.11+ module file
2019-12-01 14:13:43 -08:00
Max Woolf
4d918a4a0f Merge pull request #193 from fluidkeys/introduce-makefile
introduce makefile to generate internal/resource.go
2019-12-01 14:00:08 -08:00
Max Woolf
56c1923bbe Merge pull request #195 from mikesamuel/patch-1
Adds `constructor`
2019-12-01 13:59:42 -08:00
Max Woolf
4d8a61a12b Merge pull request #198 from MohamadKh75/master
Add Persian special characters
2019-12-01 13:37:04 -08:00
Max Woolf
0c22978566 Merge branch 'master' into master 2019-12-01 13:36:56 -08:00
Max Woolf
b5ac11be9d Merge pull request #192 from dmolesUC/regen-resource-go
Regenerate resource.go
2019-11-29 16:54:02 -08:00
Max Woolf
a179724c00 Merge pull request #200 from Miha-x64/patch-1
Added Deseret string
2019-11-28 19:02:51 -08:00
Mike
9644d2c9ec Added Deseret string to JSON 2019-10-25 17:10:12 +03:00
Mike
b105d60873 added Deseret string
Deseret characters are located within U+010000..U+10FFFF range and use surrogate pairs even in UTF-16, i.e. use two 'words' (erroneously called 'char's in Java).
2019-09-17 13:44:32 +03:00
MohamadKh75
af2ac4b939 Add Persian special characters 2019-07-07 11:33:49 +04:30
Mike Samuel
71a3013953 Adds constructor
`constructor` is the only lowercase identifier that is `in` all JavaScript objects, and can be involved in obscure XSS so can be used to abuse code that uses JavaScript objects as lookup tables.

```js
var empty = {};
if ('constructor' in empty && empty['constructor']) {
  // runs
}
empty['constructor']['constructor']('alert(1)')();  // Parses and runs
```
2019-02-22 13:29:07 -05:00
Ian Drysdale
993cfe4b4b introduce makefile to generate internal/resource.go 2019-01-31 17:45:31 +00:00
David Moles
5b32c5ef5e Add Go 1.11+ module file 2019-01-29 15:46:54 -08:00
David Moles
9ebf526b62 Regenerate resource.go 2019-01-29 15:36:13 -08:00
Gant Laborde
7624f6faa3 Add known packages to Readme
I almost created a node package, it's good to know others are out there, as discussed in #174
2018-11-19 08:52:29 -06:00
Dominik Herold
ee14f466fd add new emojis from Emoji Version 11.0 2018-11-17 23:27:38 +01:00
Victor Engmark
770dd1b426 Regenerate Base64 files 2018-11-17 07:14:50 +13:00
Victor Engmark
b2722e6b19 Avoid globbing and word splitting when expanding variables 2018-11-17 07:10:25 +13:00
Victor Engmark
ea0be30283 Don't mangle backspaces in input
Shellcheck test SC2162.
2018-11-17 07:09:34 +13:00
Victor Engmark
701f1264f4 Fail fast in case of programming or runtime errors 2018-11-17 07:09:00 +13:00
Victor Engmark
d0a73016d5 Add a shebang line
As recommended by shellcheck.
2018-11-17 07:08:19 +13:00
Victor Engmark
6bcf08beb1 Rename variable for clarity 2018-11-17 07:07:07 +13:00
Victor Engmark
e974868c76 Use idiomatic test statements 2018-11-17 07:06:34 +13:00
Victor Engmark
70e19cae9f Avoid unnecessary semicolons 2018-11-17 07:05:33 +13:00
Victor Engmark
d5a7cb5473 Fix indentation 2018-11-17 07:05:10 +13:00