admin/PayloadsAllTHINGS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
14 Commits 2 Branches 7 Tags
8317ae4a607463a93e5b942e5af6ca477214f357
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
swisskyrepo 8317ae4a60 PHP Include payloads
2016-10-20 09:39:06 +07:00
CRLF
CRLF Payload
2016-10-18 15:15:43 +07:00
CSV_Injection
Init directory with README
2016-10-18 15:01:56 +07:00
Open_Redirect
Open Redirect Payloads
2016-10-18 15:41:18 +07:00
PHP_Include
PHP Include payloads
2016-10-20 09:39:06 +07:00
PHP_Serialization
XXE payloads
2016-10-18 14:06:10 +07:00
RCE
MySQL Payloads
2016-10-18 13:39:17 +07:00
SQL_Injection
MySQL Payloads
2016-10-18 13:39:17 +07:00
SSRF
SSRF payloads
2016-10-18 14:54:41 +07:00
TAR_Code_Exec
Tar command exec
2016-10-18 18:36:18 +07:00
Traversal_Directory
Traversal Directory payloads
2016-10-19 07:51:24 +07:00
Upload
Upload payloads
2016-10-18 18:13:23 +07:00
XSS
XSS payloads
2016-10-19 23:39:07 +07:00
XXE
XXE payloads
2016-10-18 14:06:10 +07:00
README.md
PHP Include payloads
2016-10-20 09:39:06 +07:00

README.md

a# Payloads All The Things A list of usefull payloads and bypasses for Web Application Security

TODO:

  • PHP Serialization
  • CSV Injection

To improve:

  • RCE
  • SQL injection
  • XXE
  • SSRF
  • Upload
  • Tar command exec
  • Traversal Directory
  • XSS
  • PHP Include

TODO v2:

  • Remove "_" in dir name
  • Add CVE : Hearbleed and ShellShock ?

/!\ Work in Progress : 40%

Reference in New Issue View Git Blame Copy Permalink
Description
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
bountybugbountybypasscheatsheetenumerationhackinghacktoberfestmethodologypayloadpayloadspenetration-testingpentestprivilege-escalationredteamsecurityvulnerabilityweb-application
Readme MIT 31 MiB
Languages
Python 76.2%
ASP.NET 8.7%
XSLT 5.9%
Classic ASP 3.2%
PHP 3.1%
Other 2.8%