Skip content
Are you looking for?
LRQA Cyber Labs

Cross Site Scripting Payloads

github GitHub: https://github.com/nettitude/xss_payloads

We curate a set of fun and interesting Cross Site Scripting (XSS) payloads.  They’re designed for quick and effective attacks when time is too short and using a framework is too big.  Our payloads allow you to have fun with things such as:

  • Obtaining NTLM hashes from your victim, ready to crack and use on perimeter services
  • Scan internal networks as part of further enumeration
  • Obtain credentials directly from your victim
  • Grab sensitive content from your victim’s DOM
  • …and much more!
Login XSS

Login XSS

Over time, these payloads will be further developed and expanded upon.  Throw them in your testing kit for quick and dirty Cross Site Scripting wins.

github GitHub: https://github.com/nettitude/xss_payloads

Latest Cyber Labs articles

  • Binary Ninja Plugin

    Article

    Recently, in response to a customer incident we needed to reverse engineer a malware sample of WhiteRabbit ransomware...

  • This Badge is My Badge

    Article

    When it comes to covert entry assessments, successfully capturing RFID badge values can mean the difference between failure...

  • Version Tracking in Ghidra

    Article

    When a binary is reverse engineered using Ghidra, various annotations are applied to aid in understanding the binary’s...

  • Cross Site Scripting Payloads

    Article

    We curate a set of fun and interesting Cross Site Scripting (XSS) payloads. They’re designed for quick...

  • Prowl

    Article

    Prowl is an open source data harvesting tool written in Python to help alleviate some of the more...

  • PoshC2 documentation

    Article

    We maintain PoshC2 documentation over at https://poshc2.readthedocs.io/en/latest/. For your convenience, we have also embedded it below.

  • Penetration Testing

    Article

    We are looking for passionate and skilled penetration testers with professional experience. There are multiple roles available...

  • Accelerator Program

    Article

    Do you want a job in cyber security but don’t know how to break into the industry? Tired...

  • Rocktastic

    Article

    Bigger, better (faster, stronger…) Bigger isn’t always better, but sometimes it is. If you need a huge word...