Payloads All The Things

A list of useful payloads and bypasses for Web Application Security. Feel free to improve with your payloads and techniques ! I <3 pull requests :)
You can also contribute with a beer IRL or

Every section contains:

• README.md - vulnerability description and how to exploit it
• Intruders - a set of files to give to Burp Intruder
• Some exploits

You might also like :

• Methodology and Resources
  • Active Directory Attack.md
  • Methodology_and_enumeration.md
  • Network Pivoting Techniques.md
  • Reverse Shell Cheatsheet.md
  • Windows - Download and Execute.md
  • Windows - Mimikatz.md
  • Windows - Persistence.md
  • Windows - Privilege Escalation.md
  • Windows - Using credentials.md
• CVE Exploits
  • Apache Struts 2 CVE-2017-5638.py
  • Apache Struts 2 CVE-2017-9805.py
  • Drupalgeddon2 CVE-2018-7600.rb
  • Heartbleed CVE-2014-0160.py
  • Shellshock CVE-2014-6271.py
  • Tomcat CVE-2017-12617.py

Tools

• Kali Linux
• Web Developer
• Hackbar - Not compatible with Firefox Quantum
• Burp Proxy
• Fiddler
• DirBuster
• GoBuster
• Knockpy
• SQLmap
• Nikto
• Nessus
• Recon-ng
• Wappalyzer
• Metasploit
• OpenVAS

Online Challenges

• Hack The Box
• Root-Me
• Zenk-Security
• W3Challs
• NewbieContest
• Vulnhub
• The Cryptopals Crypto Challenges
• Penetration Testing Practice Labs
• alert(1) to win
• Hacksplaining
• HackThisSite
• PentesterLab : Learn Web Penetration Testing: The Right Way
• Hackers.gg

Bug Bounty

• HackerOne
• BugCrowd
• Bounty Factory
• List of Bounty Program

Docker

Command	Link
docker pull remnux/metasploit	docker-metasploit
docker pull paoloo/sqlmap	docker-sqlmap
docker pull kalilinux/kali-linux-docker	official Kali Linux
docker pull owasp/zap2docker-stable	official OWASP ZAP
docker pull wpscanteam/wpscan	official WPScan
docker pull infoslack/dvwa	Damn Vulnerable Web Application (DVWA)
docker pull danmx/docker-owasp-webgoat	OWASP WebGoat Project docker image
docker pull opendns/security-ninjas	Security Ninjas
docker pull ismisepaul/securityshepherd	OWASP Security Shepherd
docker-compose build && docker-compose up	OWASP NodeGoat
docker pull citizenstig/nowasp	OWASP Mutillidae II Web Pen-Test Practice Application
docker pull bkimminich/juice-shop	OWASP Juice Shop

More resources

Book's list:

• Web Hacking 101
• OWASP Testing Guide v4
• Penetration Testing: A Hands-On Introduction to Hacking
• The Hacker Playbook 2: Practical Guide to Penetration Testing
• The Mobile Application Hacker’s Handbook
• Black Hat Python: Python Programming for Hackers and Pentesters
• Metasploit: The Penetration Tester's Guide
• The Database Hacker's Handbook, David Litchfield et al., 2005
• The Shellcoders Handbook by Chris Anley et al., 2007
• The Mac Hacker's Handbook by Charlie Miller & Dino Dai Zovi, 2009
• The Web Application Hackers Handbook by D. Stuttard, M. Pinto, 2011
• iOS Hackers Handbook by Charlie Miller et al., 2012
• Android Hackers Handbook by Joshua J. Drake et al., 2014
• The Browser Hackers Handbook by Wade Alcorn et al., 2014
• The Mobile Application Hackers Handbook by Dominic Chell et al., 2015
• Car Hacker's Handbook by Craig Smith, 2016

Blogs/Websites

• http://blog.zsec.uk/101-web-testing-tooling/
• https://blog.innerht.ml
• https://blog.zsec.uk
• https://www.exploit-db.com/google-hacking-database
• https://www.arneswinnen.net
• https://forum.bugcrowd.com/t/researcher-resources-how-to-become-a-bug-bounty-hunter/1102

Youtube

• Hunting for Top Bounties - Nicolas Grégoire
• BSidesSF 101 The Tales of a Bug Bounty Hunter - Arne Swinnen
• Security Fest 2016 The Secret life of a Bug Bounty Hunter - Frans Rosén
• IppSec Channel - Hack The Box Writeups