payloads

There are 66 repositories under payloads topic.

• PayloadsAllTheThings

  swisskyrepo / PayloadsAllTheThings

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

  pentestpayloadbypassweb-applicationhackingvulnerabilitybountymethodologyprivilege-escalationpenetration-testingcheatsheetsecurityenumerationbugbountyredteampayloadshacktoberfest
  Language:Python 57162

• payloadbox / xss-payload-list

  🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

  bugbountycross-site-scriptingdom-basedpayloadpayloadsreflected-xss-vulnerabilitiesself-xsswebsecuritywebsite-vulnerabilityxssxss-attacksxss-detectionxss-exploitationxss-injectionxss-payloadxss-payloadsxss-pocxss-scannerxss-scannersxss-vulnerability
  5688

• EdOverflow / bugbounty-cheatsheet

  A list of interesting payloads, tips and tricks for bug bounty hunters.

  bugbountyinfosecpayloadssecurity
  5567
• HackTools

  LasCC / HackTools

  The all-in-one browser extension for offensive security professionals 🛠

  reverse-shellhackinghack-toolschrome-extensionfirefox-addonhacktoolspayloadsxss-payloadsweb-pentestershackmsfvenommetasploithackbarcheatsheetpurpleteamredteambug-bountyhackingtools
  Language:TypeScript 5478

• daffainfo / AllAboutBugBounty

  All about bug bounty (bypasses, payloads, and etc)

  bugbountybugbountytipsbypasspayloadsreconnaissancebughackingsecuritypayloadpenetration-testingvulnerabilityinfosecpentest
  5437

• payloadbox / sql-injection-payload-list

  🎯 SQL Injection Payload List

  sql-injectionattackersql-injection-attackssql-injection-proofsql-injection-exploitationsql-injectionssql-injection-payloadsinjection-payloadssql-injection-filterersql-injection-attackowasp-top-10payloadspayloadwebsecuritybugbountysecurity-researchhackingsql-injectinjection-attacksinjection
  4392
• usbrubberducky-payloads

  hak5 / usbrubberducky-payloads

  The Official USB Rubber Ducky Payload Repository

  badusbducky-payloadsduckyscripthacking-toolshak5hak5-rubber-duckyhidhotplugkeystroke-injectionpayloadspentestingsecurity-toolsusb-rubber-duckyusbrubberducky
  Language:PowerShell 3575

• 1N3 / IntruderPayloads

  A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

  attackbugbountyburpsuiteburpsuite-engagementburpsuite-intruderfuzzfuzz-listsfuzzinginjectionintruderpayloadssql-injection
  Language:BlitzBasic 3553

• foospidy / payloads

  Git All the Payloads! A collection of web attack payloads.

  payloadpayloadsxsssqliweb-attack-payloadspasswordspentesthackingappseccybersecurity
  Language:Shell 3533
• pwndrop

  kgretzky / pwndrop

  Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.

  file-managerself-hostedfile-sharinghttp-serverwebdav-serverredteampayloads
  Language:JavaScript 1891

• 0xSobky / HackVault

  A container repository for my public web hacks!

  payloadsweb-securitypentestingtrackingfuzzingregexreconnaissancexssexploit
  Language:JavaScript 1878

• terjanq / Tiny-XSS-Payloads

  A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me

  xssjavascripthtmlctfbugbountypayloads
  Language:JavaScript 1826

• insightglacier / Dictionary-Of-Pentesting

  Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

  pentestingfuzzingbruteforcebugbountydictionarywebsecurityiot-securitypasswordpentestregex-patterndnssubdomaindatabasewifibugbountytipsbughunting-methodologyfingerprintrcespring-bootpayloads
  Language:Shell 1823

• nettitude / PoshC2

  A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

  poshc2c2redteamnettitudeproxy-awareposhc2-installationpython3powershellpayloadscsharp
  Language:PowerShell 1699

• nccgroup / Winpayloads

  Undetectable Windows Payload Generation

  pythonpersistencekalipayloadsbypassantivirusuacwindowsmetermsfconsolemetasploitpowershellnetsecundetectable
  Language:Python 1545

• whwlsfb / BurpCrypto

  BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件

  burp-extensionsburp-pluginburpsuite-extenderburpsuitepayloadsburpcryptofuzz-testingexecute-js-encryptionctf-toolsctf
  Language:Java 1339

• tokyoneon / Chimera

  Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

  bypass-antivirusantivirus-evasionantivirusattackoffensive-securitykali-scriptskali-scriptkali-linuxkaliinformation-securityreverse-shellpayloadpayloadspenetration-testingpayload-generatorshellshell-scriptsamsi
  Language:PowerShell 1321

• sighook / pixload

  Image Payload Creating/Injecting tools

  backdoor-attackshacking-toolimageimage-processinginjectioninjectorpayload-generatorpayloadsweb-attack-payloads
  Language:Perl 1162

• payloadbox / xxe-injection-payload-list

  🎯 XML External Entity (XXE) Injection Payload List

  xxexxe-injectionxxe-payloadsxxe-examplexmlwebsecuritywebsecurity-referenceinfosecbugbountybug-bountyweb-application-securitycybersecuritycyber-securityinformation-securityxml-entitypayloadxxe-payloadxxe-payload-listpayloadshacking
  1022

• mvelazc0 / defcon27_csharp_workshop

  Writing custom backdoor payloads with C# - Defcon 27 Workshop

  csharppayloadsredteam
  Language:C# 975

• r00t-3xp10it / FakeImageExploiter

  Use a Fake image.jpg to exploit targets (hide known file extensions)

  image-jpg-ps1exploiterhide-extensions-known-file-typesspoof-extensionspayloads
  Language:Shell 878

• sh377c0d3 / Payloads

  Payload Arsenal for Pentration Tester and Bug Bounty Hunters

  bugbounty-toolbugbountypayloadpayloadspayloads-databasepenetration-testing
  Language:PHP 840

• xajkep / wordlists

  Infosec Wordlists and more.

  infosecsecurityfuzzingwordlistspayloadsdiscoveryrecondictionarypayloadregex-pattern
  Language:Python 702
• InternalAllTheThings

  swisskyrepo / InternalAllTheThings

  Active Directory and Internal Pentest Cheatsheets

  cheatsheethacktoberfestpayloadspentestredteamsecuritywiki
  Language:HTML 586

• payloadbox / ssti-payloads

  🎯 Server Side Template Injection Payloads

  server-side-template-injectionsstiinjectionpayloadpayloadspayloadboxbugbountybountybugbountytipswebsecuritywebsecuritysecurity-auditsourcecodesource-code-analysiscode-security
  568

• cujanovic / Open-Redirect-Payloads

  Open Redirect Payloads

  open-redirectpayloadspentestpentest-toolpentesting
  Language:Shell 550

• capture0x / XSS-LOADER

  Xss Payload Generator ~ Xss Scanner ~ Xss Dork Finder

  xssxss-scannerxss-payloadsxss-finderhackingdork-finderxss-injectionpayload-generatorpayloadsxss-detectionxss-attacksxss-bypassbypass-filter
  Language:Python 522
• sharkjack-payloads

  hak5 / sharkjack-payloads

  The Official Hak5 Shark Jack Payload Repository

  duckyscriptethernethacking-toolshak5hotplugnetworkingpayloadssecurity-toolshak5-shark-jack
  Language:Shell 520

• payloadbox / rfi-lfi-payload-list

  🎯 RFI/LFI Payload List

  application-securityappsecbug-bountybugbountylfilfi-exploitationlfi-vulnerabilitypayloadpayload-listpayloadsrfirfi-exploitonrfi-vulnerabillitysecuritysecurity-researchsecurity-researchersecurity-researchersweb-application-securityweb-hackingwebsecurity
  508

• payloadbox / open-redirect-payload-list

  🎯 Open Redirect Payload List

  open-redirectopenredirectpayload-listpayloadpayloadssecuritywebsecurity
  496

• EntySec / RomBuster

  RomBuster is a router exploitation tool that allows to disclosure network router admin password.

  exploitcredentials-gatheringpassword-crackerinformation-extractioninformation-gatheringpayloadpayloadsexploitskalilinuxpasswordshackinghackrouter-hackingrouteriotiot-hackingentysec
  Language:Python 434
• HardwareAllTheThings

  swisskyrepo / HardwareAllTheThings

  Hardware/IOT Pentesting Wiki

  gadgetshacktoberfesthardwareiotpayloadspentestsecuritywiki
  Language:HTML 374

• SHUR1K-N / Flipper-Zero-BadKB-Files

  Looking for the BadKB files you saw in my video? Here they are. Only for educational purposes, of course.

  attackbadkbbadusbcustomfirmwareflipperpayloadsroguemasterunleashedxtremezero
  372

• Phenomite / AMP-Research

  Research on UDP/TCP amplification vectors, payloads and mitigations against their use in DDoS Attacks

  udpddosddos-attacksamplificationmitigationspayloadsdns-amplification-attackcldapdvrtcp
  Language:C 317

• cytopia / badchars

  Bad char generator to instruct encoders such as shikata-ga-nai to transform those to other chars.

  badcharsencoderencoder-decoderreverse-engineeringpayloadpayloadssecurity-toolscytopia-sec
  Language:Python 261

• Mehdi0x90 / Web_Hacking

  Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

  api-pentestbugbountyhackingpayloadspenetration-testingreconweb-application-securitywebhackingwebsecuritybypasscheatsheetpentestsecurityvulnerabilityexploitapi-securitybug-bounty-huntersowaspenumerationredteam
  190