View HTTP RAW DATA


Task Checklist


XSS Polyglot


One-click CSRF POC Generator


SSRF via redirect


Flash crossdomain.xml POC


JavaScript Event listeners


JavaScript Fetch API


Enumerate JavaScript Properties


window.opener POC


postMessage Fuzzer


HTTP redirector


S3cr3t


CSV


Cross-site WebSocket Hijacking


WordPress Content Injection POC


XMLHttpRequest (*)


XSSI


Flash XDomainXploit.swf


Referrer Policy Check


Charset fuzzer


IE Docmode Inheritance


HackerOne XSSI


SVG Cookie Injection


URL Encode/Decode

Input:


Output:


String.fromCharCode

Input:


Output:


Base64 URLSafe

Input:


Output: