/H5SC

A collection of HTML5 related XSS attack vectors

Primary LanguageJavaScriptMozilla Public License 2.0MPL-2.0

HTML5 Security Cheatsheet

This is the new home of the H5SC or HTML5 Security Cheatsheet. Here you will find three things:

  • A collection of HTML5 related XSS attack vectors
  • A set of useful files for XSS testing
  • A set of formerly hidden features useful for XSS testing

The XSS Vectors

The collection of XSS vectors can be found here: https://html5sec.org/

Useful Files

We published a list of files useful for XSS testing in various situations. Currently the following files are available:

Pull requests welcome, we store the files in the /attachments sub-folder.

Hidden Features

The H5SC currently has three "hidden" features