A list of useful payloads and bypass for Web Application Security and Pentest/CTF
-
Updated
May 21, 2024 - Python
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
The Official USB Rubber Ducky Payload Repository
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
🎯 SQL Injection Payload List
All about bug bounty (bypasses, payloads, and etc)
Git All the Payloads! A collection of web attack payloads.
The all-in-one browser extension for offensive security professionals 🛠
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Use a Fake image.jpg to exploit targets (hide known file extensions)
Undetectable Windows Payload Generation
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
🎯 XML External Entity (XXE) Injection Payload List
A container repository for my public web hacks!
Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.
Image Payload Creating/Injecting tools
Infosec Wordlists and more.
Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Add a description, image, and links to the payloads topic page so that developers can more easily learn about it.
To associate your repository with the payloads topic, visit your repo's landing page and select "manage topics."