Commit Graph

Select branches

Hide Pull Requests

master

#1

#10

#102

#103

#106

#108

#109

#11

#110

#115

#116

#118

#118

#119

#12

#120

#120

#121

#121

#122

#122

#125

#127

#128

#129

#131

#131

#133

#133

#134

#134

#135

#135

#140

#140

#141

#141

#143

#143

#144

#144

#145

#145

#146

#146

#147

#147

#149

#15

#150

#150

#152

#152

#155

#155

#156

#156

#158

#158

#159

#160

#161

#162

#163

#164

#164

#165

#167

#169

#17

#172

#173

#175

#176

#176

#179

#18

#18

#180

#181

#182

#185

#185

#189

#19

#19

#191

#192

#193

#195

#196

#198

#2

#200

#204

#204

#205

#205

#206

#207

#209

#21

#21

#210

#211

#214

#214

#215

#215

#218

#218

#219

#219

#22

#220

#220

#221

#221

#223

#223

#224

#224

#225

#226

#227

#227

#228

#228

#23

#230

#230

#231

#231

#233

#233

#234

#234

#239

#239

#24

#24

#246

#246

#247

#247

#248

#248

#249

#249

#253

#253

#254

#254

#255

#255

#257

#257

#26

#26

#262

#262

#269

#269

#27

#27

#270

#270

#272

#272

#29

#29

#3

#3

#30

#30

#31

#32

#34

#35

#36

#37

#39

#4

#41

#42

#43

#45

#47

#47

#49

#5

#50

#51

#53

#54

#56

#57

#59

#6

#60

#60

#61

#64

#65

#66

#66

#68

#69

#7

#71

#73

#74

#74

#76

#76

#77

#77

#78

#78

#8

#81

#82

#83

#84

#85

#89

#9

#90

#90

#92

#93

#94

#95

#96

#96

#98

#98

Mono Color

• 183ae90ec5 Unify message for XSS strings to a numeric value. This is the best for a PoC because it avoids any quote escaping. Joseph Lennox 2015-08-12 08:54:41 -07:00
• d981a1fc39 Merge pull request #34 from YR/master Max Woolf 2015-08-12 07:03:12 -07:00
• 7942dbec92 change to minimaxir/master Sofien Lazreg 2015-08-12 10:21:10 +02:00
• fda211217e add package.json Sofien Lazreg 2015-08-12 10:10:31 +02:00
• ce4d3a4321 Merge pull request #32 from rschoultz/master Max Woolf 2015-08-11 23:41:13 -07:00
• e97c828fa3 Added XXE injection string. Rickard Schoultz 2015-08-12 08:35:20 +02:00
• 7ef8595322 Merge pull request #31 from 06b/master Max Woolf 2015-08-11 21:26:51 -07:00
• d9cdb7cd76 Merge pull request #1 from 06b/bug-in-msspell7.dll Adrian D. Alvarez 2015-08-12 00:19:33 -04:00
• a49eebfb85 Updated blns.json to include msspell7.dll bug Adrian D. Alvarez 2015-08-12 00:19:12 -04:00
• 1d209c567a Added string that will lock up OneNote 2013, because of a bug in msspell7.dll Adrian D. Alvarez 2015-08-12 00:17:44 -04:00
• 409a74e222 #30; updated blns.json to latest Max Woolf 2015-08-11 21:05:10 -07:00
• 896a6faf4f #29 Max Woolf 2015-08-11 21:00:39 -07:00
• 4f0ad73423 #27 Max Woolf 2015-08-11 20:57:00 -07:00
• 26585a7641 #24 Max Woolf 2015-08-11 20:53:57 -07:00
• f5217d8ab3 edit README in light of #28 Max Woolf 2015-08-11 20:50:29 -07:00
• b021962ef5 #24 Max Woolf 2015-08-11 20:43:14 -07:00
• 62066882b5 Null character defeated! Max Woolf 2015-08-11 20:41:59 -07:00
• ff6e9a72f1 #21; .gitattributes Max Woolf 2015-08-11 20:25:32 -07:00
• ad59ef98b3 #21; Fix .gitattributes again Max Woolf 2015-08-11 20:20:24 -07:00
• e3886d3275 Manually add strings from #9 Max Woolf 2015-08-11 20:07:56 -07:00
• a03151d467 Merge branch 'jwilkins-patch-1' Max Woolf 2015-08-11 19:57:56 -07:00
• 5bbd83d7c2 text Max Woolf 2015-08-11 19:57:30 -07:00
• 7217042698 Merged #3 and included non-long strings in blns.txt Max Woolf 2015-08-11 19:41:08 -07:00
• c23d11ff9d Merge remote-tracking branch 'origin/master' Max Woolf 2015-08-11 19:22:34 -07:00
• 0bbf309868 Add gitattributes file to force blns.txt to be text Max Woolf 2015-08-11 19:21:14 -07:00
• 0a29e84481 Merge pull request #23 from sartak/master Max Woolf 2015-08-11 10:29:01 -07:00
• 7500c5ff3b Add Perl's "undef" Shawn M Moore 2015-08-11 13:08:49 -04:00
• 3e856f7b93 Merge pull request #22 from JuanitoFatas/patch-1 Max Woolf 2015-08-11 09:28:19 -07:00
• 18c98526a6 Fix comment [ci skip] Juanito Fatas 2015-08-11 23:42:19 +08:00
• 6b3a0a3489 Added EICAR note Max Woolf 2015-08-11 07:51:21 -07:00
• b518990120 More trick unicode from rspeer at HN Max Woolf 2015-08-10 19:16:01 -07:00
• d10f848922 update JSON to latest Max Woolf 2015-08-10 19:07:24 -07:00
• a564fe3113 add maintainer note Max Woolf 2015-08-10 19:00:57 -07:00
• ef23ab616c make formatting more consistent Max Woolf 2015-08-10 18:58:18 -07:00
• 3a4375fc16 Merge pull request #17 from ataylor32/script-injection Max Woolf 2015-08-10 18:52:17 -07:00
• b191b4a2ef Added another line to the "Script Injection" section Adam Taylor 2015-08-10 19:46:12 -06:00
• 95189629fd Merge pull request #15 from 06b/patch-1 Max Woolf 2015-08-10 18:08:27 -07:00
• 5fa6653a89 Added Full width unicode lt/gt Adrian D. Alvarez 2015-08-10 20:54:00 -04:00
• 3fdbc7f944 Merge pull request #12 from jlennox/master Max Woolf 2015-08-10 14:37:45 -07:00
• 9dbe44bf69 XSS attribute escapes without lt/gt/quote symbols. Joseph Lennox 2015-08-10 14:30:34 -07:00
• 02e7317f73 Negative number validation errors. Joseph Lennox 2015-08-10 14:29:33 -07:00
• 1f69f22e39 Merge pull request #11 from aesopwolf/patch-1 Max Woolf 2015-08-10 14:21:59 -07:00
• 4bc2f13535 Update blns.txt Aesop Wolf 2015-08-10 14:18:38 -07:00
• e00ffa398b Merge pull request #10 from mariusschulz/patch-1 Max Woolf 2015-08-10 14:17:39 -07:00
• f594d6aa2a Negative number validation errors. Joseph Lennox 2015-08-10 14:16:11 -07:00
• 2769cc1e80 Adds "nil" and "NIL" Marius Schulz 2015-08-10 23:07:19 +02:00
• 6265464412 Merge pull request #7 from thebouv/master Max Woolf 2015-08-10 14:09:06 -07:00
• a3f9ce6613 Merge pull request #8 from jlennox/master Max Woolf 2015-08-10 14:08:51 -07:00
• 33e1224dce add MSDOS/Windows device names, more math parsing Jonathan Wilkins 2015-08-10 14:07:44 -07:00
• 3488e0597a Adds "NULL" as a naughty string Marius Schulz 2015-08-10 23:05:19 +02:00
• 746eab6d76 Remove duplicated XSS. Joseph Lennox 2015-08-10 13:59:06 -07:00
• dac244a7cc Add numbers to detect poor decimal validation -- European decimal format. Joseph Lennox 2015-08-10 13:57:51 -07:00
• 411ac4c627 Minor typo and grammar fixes to README Anthony Bouvier 2015-08-10 16:48:46 -04:00
• aed81403bc Add backtick special character list because IE7 allows it as attribute quotes. Add basic attribute escapes to XSS list. Joseph Lennox 2015-08-10 13:48:01 -07:00
• 637a06c7bf Add numbers to detect poor decimal validation. Add non-numeric Number types to detect poorly handled JavaScript validation. Joseph Lennox 2015-08-10 13:46:53 -07:00
• 5376bb15b7 Merge pull request #5 from foxdan/snowman Max Woolf 2015-08-10 11:43:12 -07:00
• 99e352f1eb Merge pull request #6 from donatj/patch-1 Max Woolf 2015-08-10 11:43:01 -07:00
• 1b844e5977 Update blns.txt Jesse Donat 2015-08-10 13:32:56 -05:00
• c13f4ac1f5 Adds UTF-8 4-byte chinese characters. Jesse Donat 2015-08-10 13:30:36 -05:00
• 9942b1a135 Unicode Snowman for You Dan Fox 2015-08-10 19:21:53 +01:00
• 1a90a0437e Merge pull request #4 from ejcx/knowncves Max Woolf 2015-08-10 10:54:14 -07:00
• adc6dfcd4e Add known vuln section. Start with shellshock e 2015-08-10 10:50:23 -07:00
• 57bff34864 Merge pull request #2 from abotsis/master Max Woolf 2015-08-10 10:39:16 -07:00
• a472387b62 be less evil Aaron Botsis 2015-08-10 13:11:24 -04:00
• 85a82a7d95 Merge pull request #1 from ejcx/commonwebattacks Max Woolf 2015-08-10 09:33:19 -07:00
• cf6ed306d2 Add file inclusion with null byte exception, and a chrome XSS bypass courtesy of brutelogic e 2015-08-10 09:19:30 -07:00
• 3807c125fb Finish README Max Woolf 2015-08-09 21:52:42 -07:00
• 12fd0e7707 better GIF Max Woolf 2015-08-09 13:06:32 -07:00
• 6f289fd72b More Strings, Txt to JSON Script Max Woolf 2015-08-09 12:22:42 -07:00
• 42b4f0367a Added many more strings. Max Woolf 2015-08-08 21:54:39 -07:00
• 6ae2269938 initial list Max Woolf 2015-08-08 19:11:39 -07:00
• bb32170407 Update README.md Max Woolf 2015-08-08 14:05:35 -07:00
• 131a927cc3 Initial commit Max Woolf 2015-08-08 13:57:20 -07:00