Question

I'm looking for exhaustive list(s) of web attack strings, which includes as many possible injection strings as possible, including SQLis , XSS, XPATH injections, SSIs, etc. Preferably encoded in various formats. Anyone knows where to find these?

Was it helpful?

Solution

The FuzzDB seems to be the answer http://code.google.com/p/fuzzdb/

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top