HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors
Switch branches/tags
Nothing to show
Clone or download
cure53 Merge pull request #13 from ausi/patch-1
Fix path name to payloads.js file
Latest commit 931324f Jun 21, 2018

HTML5 Security Cheatsheet

This is the new home of the H5SC or HTML5 Security Cheatsheet. Here you will find three things:

  • A collection of HTML5 related XSS attack vectors
  • A set of useful files for XSS testing
  • A set of formerly hidden features useful for XSS testing

The XSS Vectors

The collection of XSS vectors can be found here:

Useful Files

We published a list of files useful for XSS testing in various situations. Currently the following files are available:

Pull requests welcome, we store the files in the /attachments sub-folder.

Hidden Features

The H5SC currently has three "hidden" features