Skip to content

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

License

Notifications You must be signed in to change notification settings

KRUXLEX/PayloadsAllTheThings

This branch is 994 commits behind swisskyrepo/PayloadsAllTheThings:master.

Folders and files

NameName
Last commit message
Last commit date
Jan 8, 2021
Jan 25, 2021
Dec 18, 2020
Feb 21, 2021
Dec 12, 2020
Oct 25, 2020
Dec 17, 2019
Mar 17, 2021
Dec 12, 2020
Jun 4, 2020
Oct 9, 2020
May 10, 2021
Apr 21, 2021
Dec 22, 2020
Dec 18, 2020
Apr 21, 2019
Oct 28, 2020
Feb 3, 2021
May 19, 2021
Jan 20, 2021
Sep 9, 2020
Mar 6, 2019
May 6, 2021
May 29, 2021
May 12, 2019
Nov 26, 2020
Jan 26, 2020
Jan 16, 2021
May 12, 2020
Mar 25, 2021
Mar 24, 2021
May 20, 2021
Dec 12, 2020
Dec 8, 2020
Mar 30, 2021
Oct 17, 2020
Apr 11, 2020
May 24, 2020
Dec 26, 2019
Apr 21, 2021
Apr 24, 2021
Mar 24, 2019
Jan 7, 2019
May 12, 2019
Sep 27, 2020
May 25, 2019
Aug 22, 2020
Nov 3, 2020
Oct 8, 2020

Repository files navigation

Payloads All The Things Tweet

A list of useful payloads and bypasses for Web Application Security. Feel free to improve with your payloads and techniques ! I ❤️ pull requests :)

You can also contribute with a 🍻 IRL, or using the sponsor button.

Every section contains the following files, you can use the _template_vuln folder to create a new chapter:

  • README.md - vulnerability description and how to exploit it, including several payloads
  • Intruder - a set of files to give to Burp Intruder
  • Images - pictures for the README.md
  • Files - some files referenced in the README.md

You might also like the Methodology and Resources folder :

You want more ? Check the Books and Youtube videos selections.

About

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Python 86.2%
  • Ruby 6.5%
  • ASP.NET 3.9%
  • Classic ASP 1.4%
  • PHP 1.4%
  • Jupyter Notebook 0.3%
  • Other 0.3%