Share
## https://sploitus.com/exploit?id=CDBF2032-8916-53A1-9041-72FB3B57DC54
# WAF Evasion for XSS - Python Script
## ๐น About
This project explores how Web Application Firewalls (WAFs) block Cross-Site Scripting (XSS) and how attackers try to bypass them.
## ๐น Script
- `payload_generator.py` โ generates different variations of XSS payloads.
## ๐น Example Payloads
1. `alert('XSS')`
2. `script`
3. ``
4. ``
5. `%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E`
## ๐น Results
- Tested on a sample vulnerable app.
- Payloads 3 & 4 bypassed filters successfully.
- Payload 1 was blocked by simple WAF filters.
## ๐น Demonstration of Filter Evasion
### 1. Script Output
The script successfully generated multiple payloads:

### 2. Successful XSS Trigger
The payload `` executed successfully, triggering an alert box:

---
## ๐น How to Run
```bash
python payload_generator.py