A list of useful payloads and bypass for Web Application Security and Pentest/CTF
-
Updated
Jun 27, 2024 - Python
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
The best way to build a modern backend + admin UI. No black magic, all TypeScript, and fully open-source, Payload is both an app framework and a headless CMS.
🎯 SQL Injection Payload List
All about bug bounty (bypasses, payloads, and etc)
The LAZY script will make your life easier, and of course faster.
Git All the Payloads! A collection of web attack payloads.
Awesome XSS stuff
Tools and Techniques for Red Team / Penetration Testing
Python Remote Administration Tool (RAT)
🎯 Command Injection Payload List
Penetration tests guide based on OWASP including test cases, resources and examples.
🔥 CHAOS is a free and open-source Remote Administration Tool that allow generate binaries to control remote operating systems.
RubberDucky like payloads for DigiSpark Attiny85
Python antivirus evasion tool
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Powerful batch script to dismantle complete windows defender protection and even bypass tamper protection ..Disable Windows-Defender Permanently....Hack windows. POC
🎯 XML External Entity (XXE) Injection Payload List
Add a description, image, and links to the payload topic page so that developers can more easily learn about it.
To associate your repository with the payload topic, visit your repo's landing page and select "manage topics."