JavaScript
Creating XSS Payloads with only Symbols
On nethemba, I found an interesting paper that explains how to create JavaScript payloads using only the following characters: (){}_=[];$”!+<> Basically the idea is you can create error conditions or default objects then invoke the toString() method by doing a +” ” to cast it. For example { } would create an object { }+” [...]