admin/PayloadsAllTHINGS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
31 Commits 2 Branches 7 Tags
9f66d48f2b077a884b35ead58bd7b5624817a267
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
swisskyrepo 9f66d48f2b Update RCE payloads and README
2016-11-12 00:17:33 +07:00
AWS Amazon Bucket S3
AWS added, XSS and methodology update
2016-11-11 16:03:35 +07:00
CRLF injection
Enumeration added and improvement for CRLF/XSS/SQL
2016-11-02 20:26:00 +07:00
CSV injection
Fix in juggling type + CSV injection
2016-10-20 10:50:12 +07:00
CVE Shellshock Heartbleed
CVE Heartbleed and Shellshcok added
2016-10-20 09:54:29 +07:00
NoSQL injection
NOSQL injection added + updates XSS/XXE
2016-10-30 18:53:32 +07:00
Open redirect
Clean project - Renamed and added PHP juggling type
2016-10-20 10:22:24 +07:00
PHP include
Methodology added, XSS payloads updated,little fix
2016-11-06 12:42:50 +07:00
PHP juggling type
Fix in juggling type + CSV injection
2016-10-20 10:50:12 +07:00
PHP serialization
PHP object injection
2016-10-20 11:02:19 +07:00
Remote commands execution
Update RCE payloads and README
2016-11-12 00:17:33 +07:00
SQL injection
Methodology added, XSS payloads updated,little fix
2016-11-06 12:42:50 +07:00
SSRF injection
Clean project - Renamed and added PHP juggling type
2016-10-20 10:22:24 +07:00
Tar commands execution
Clean project - Renamed and added PHP juggling type
2016-10-20 10:22:24 +07:00
Traversal directory
Traversal Dir files + Updates XSS
2016-10-21 06:12:00 +07:00
Upload insecure files
Clean project - Renamed and added PHP juggling type
2016-10-20 10:22:24 +07:00
XSS injection
AWS added, XSS and methodology update
2016-11-11 16:03:35 +07:00
XXE injections
XXE renamed, little updates in SQL/Include + enum
2016-11-03 23:56:15 +07:00
.gitignore
Methodology added, XSS payloads updated,little fix
2016-11-06 12:42:50 +07:00
Methodology_and_enumeration.md
AWS added, XSS and methodology update
2016-11-11 16:03:35 +07:00
README.md
Update RCE payloads and README
2016-11-12 00:17:33 +07:00

README.md

Payloads All The Things

A list of usefull payloads and bypasses for Web Application Security Feel free to improve with your payloads and techniques ! I <3 pull requests :)

Last modifications :

  • XSS paylods improved
  • Methodology added
  • AWS Bucket added

Tools

More resources

Book's list:

Blogs/Websites

Reference in New Issue View Git Blame Copy Permalink
Description
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
bountybugbountybypasscheatsheetenumerationhackinghacktoberfestmethodologypayloadpayloadspenetration-testingpentestprivilege-escalationredteamsecurityvulnerabilityweb-application
Readme MIT 31 MiB
Languages
Python 76.2%
ASP.NET 8.7%
XSLT 5.9%
Classic ASP 3.2%
PHP 3.1%
Other 2.8%