XowiaScan
Home Tools Pricing API Docs About Sign in Get started
← All tools

Payload Lists

Generators

A curated, copy-ready library of XSS, SQLi, SSRF, CRLF and XXE payloads.

What is Payload Lists?

Payload Lists is a hand-picked reference of battle-tested payloads organized by vulnerability class. No generation, no guesswork — just reliable strings ready to copy into a request.

It is the quick-reference companion to Payload Generator: when you want a known-good payload immediately, it is here.

What it includes

  • XSS — reflected, stored, DOM and polyglot strings.
  • SQL injection — across techniques and database engines.
  • SSRF — internal-target and metadata payloads.
  • CRLF & XXE — header-injection and XML entity payloads.
  • One-click copy — grab a single payload or a whole category.

Where it fits in your workflow

  • Pull a reliable payload mid-test without leaving the suite.
  • Build a quick fuzzing list from curated categories.
Use Payload Lists

Free, in-browser — no sign-up needed to try.

Create free account Sign in

At a glance

CategoryGenerators
RunsIn your browser
Token cost Free — no tokens
AccessFree · no login to try
Status● Live

Frequently asked questions

Are the lists updated?

The library is curated for high-signal, broadly effective payloads. Combine it with Payload Generator for context-specific or encoded variants.

Explore more tools →