@bug_vs_me So you put it everywhere you can, or just use it at those places you think are vulnerable/or if you're trying a bypass of something? Thanks!

@0x2458 i first blindly spray payload everywhere then check one by one if any bypass needed or any suspicious behaviour that leads to xss!

@bug_vs_me Deepak kyun post Kiya bro , don't you think cloudfare aur akamai issay dekh leingay aur phir wahi mitigation !!!! . Hope I'm wrong

@arjunnotfrom Nah its basic payload is already blocked by WAF!

@bug_vs_me do you know any cloudflare waf bypass payloads...?

@hackrzvijay Yes

@bug_vs_me @0xSh1v4 Nice share mate!

@bug_vs_me This is really helpful. It has different encodings so we can know how different types of inputs are treated at once. Thanks 😁

@bug_vs_me

@bug_vs_me “><s>xss best thing lol

@bug_vs_me Noice The law is the law

@bug_vs_me For those who didn't get it. This is cross-site scripting (XSS) payload. It's crafted to exploit potential vulnerabilities in a website's security by injecting malicious code, which in this case could trigger an alert with the message "69"

@bug_vs_me lets goooooo dude. I like it 🤜🤛