Share
## https://sploitus.com/exploit?id=CDBF2032-8916-53A1-9041-72FB3B57DC54
# WAF Evasion for XSS - Python Script

## ๐Ÿ”น About
This project explores how Web Application Firewalls (WAFs) block Cross-Site Scripting (XSS) and how attackers try to bypass them.

## ๐Ÿ”น Script
- `payload_generator.py` โ†’ generates different variations of XSS payloads.

## ๐Ÿ”น Example Payloads
1. `alert('XSS')`
2. `script`
3. ``
4. ``
5. `%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E`

## ๐Ÿ”น Results
- Tested on a sample vulnerable app.
- Payloads 3 & 4 bypassed filters successfully.
- Payload 1 was blocked by simple WAF filters.

## ๐Ÿ”น Demonstration of Filter Evasion

### 1. Script Output
The script successfully generated multiple payloads:
![Script Output](screenshots/script_output.png)

### 2. Successful XSS Trigger
The payload `` executed successfully, triggering an alert box:
![XSS Alert](screenshots/xss_alert.png)

---

## ๐Ÿ”น How to Run
```bash
python payload_generator.py