floer32
commented
7 years ago I guess there is a question of how far to go. There other other good resources on that same subject, such as here: https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XSS%20injection
Moreover XSS isn't the only Naughty thing 😉 still I am curious for your thoughts about a community-contributed appendix of resources for learning more on these Naughty Strings... As well as common mitigations. OWASP resources will be particularly useful, but I could imagine using the Wiki feature on this repository to flesh out a little library of links. Then this could be linked from the README.
Thoughts?
This seems relevant as a further reference for interested readers and users. I appreciate your project and its intention to help people be mean to their code. Would be great to link to some understanding materials too!
https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet