https://github.com/0xInfection/Awesome-WAF
https://github.com/masatokinugawa/filterbypass/wiki/Browser's-XSS-Filter-Bypass-Cheat-Sheet
https://d3adend.org/xss/ghettoBypass
https://github.com/pgaijin66/XSS-Payloads/blob/master/payload.txt
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XSS%20Injection
https://portswigger.net/web-security/cross-site-scripting/cheat-sheet
https://www.bugbountyhunter.com/hackevents/report?id=219
https://www.bugbountyhunter.com/hackevents/report?id=78
https://xsshunter.com
https://www.w3schools.com/jsref/dom_obj_event.asp
https://zseano.medium.com/finding-xss-on-apple-com-and-building-a-proof-of-concept-to-leak-your-pii-information-d7bc93cff2df
https://portswigger.net/research/xss-in-hidden-input-fields
https://github.com/RenwaX23/XSS-Payloads/blob/master/Without-Parentheses.md
https://ysamm.com/?p=695
https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=92e0b24d-4db6-41ab-827f-7940bc126bb8&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments
https://whitton.io/articles/uber-turning-self-xss-into-good-xss/
https://www.geekboy.ninja/blog/airbnb-bug-bounty-turning-self-xss-into-good-xss-2/
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XSS%20Injection#polyglot-xss
https://github.com/s0md3v/MyPapers/tree/master/Bypassing-XSS-detection-mechanisms
https://github.com/mazen160/xless
https://github.com/daxAKAhackerman/XSS-Catcher
https://github.com/hahwul/dalfox
https://thehackerblog.com/xss-hunter-is-now-open-source-heres-how-to-set-it-up/index.html
https://github.com/dwisiswant0/findom-xss
https://academind.com/tutorials/localstorage-vs-cookies-xss
https://medium.com/redteam/stealing-jwts-in-localstorage-via-xss-6048d91378a0
https://cheatsheetseries.owasp.org/cheatsheets/XSS_Filter_Evasion_Cheat_Sheet.html
https://brutelogic.com.br/blog/quoteless-javascript-injections/
https://blog.dixitaditya.com/xss-to-read-internal-files
https://brutelogic.com.br/blog/dom-based-xss-the-3-sinks/
https://brutelogic.com.br/blog/xss101/