A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Collection of tools, scripts, one-liners, templates, dorks and more

Payloads BadUSB for Flipper Zero with DuckyScript 1.0

The Official USB Rubber Ducky Payload Repository

Active Directory and Internal Pentest Cheatsheets

Some payloads I made to Hak5 with DuckyScript 3

Repository of useful payloads and tips for pentesting/bug bounty.

Hardware/IOT Pentesting Wiki

Android, Win Hacking 🔥

A powerful collection of scripts for automating bug bounty hunting, vulnerability detection, and security analysis. Speed up your recon and exploitation workflows with ease!

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

Open Redirect Payloads

Blind-XSS listener with payloads to the target user's browser data including cookies, local/session storage, html code, screenshot of current page (HTTP listener optionally)

Welcome to Hack-Academia, your ultimate resource hub for all things hacking, pentesting, and security research. Whether you are a beginner looking to dive into the world of cybersecurity or an experienced professional seeking advanced techniques and insights, Hack-Academia is here to guide you.

Sec-Payloads, It's a collection of multiple types of lists used during security assessments & used for bug bounty hunting or penetration testing, collected in one place. List types include xss, sqli, sensitive data patterns, fuzzing payloads, web shells, and many more.

List of payloads and wordlists that are specifically crafted to identify and exploit vulnerabilities in target web applications.

The Official Hak5 Shark Jack Payload Repository

A comprehensive multi-vulnerability scanner