HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors
JavaScript PHP CSS HTML ApacheConf XSLT
Latest commit 248e86d Jan 16, 2017 @cure53 committed on GitHub Merge pull request #10 from zicai/patch-1
fix broken link

README.md

HTML5 Security Cheatsheet

This is the new home of the H5SC or HTML5 Security Cheatsheet. Here you will find three things:

  • A collection of HTML5 related XSS attack vectors
  • A set of useful files for XSS testing
  • A set of formerly hidden features useful for XSS testing

The XSS Vectors

The collection of XSS vectors can be found here: https://html5sec.org/

Useful Files

We published a list of files useful for XSS testing in various situations. Currently the following files are available:

Pull requests welcome, we store the files in the /attachments sub-folder.

Hidden Features

The H5SC currently has three "hidden" features