July 20, 2019

240 words 2 mins read



A list of useful payloads and bypass for Web Application Security and Pentest/CTF

repo name swisskyrepo/PayloadsAllTheThings
repo link https://github.com/swisskyrepo/PayloadsAllTheThings
language Python
size (curr.) 7748 kB
stars (curr.) 12890
created 2016-10-18
license MIT License

Payloads All The Things

A list of useful payloads and bypasses for Web Application Security. Feel free to improve with your payloads and techniques ! I :heart: pull requests :)

You can also contribute with a :beers: IRL

Every section contains the following files, you can use the _template_vuln folder to create a new chapter:

  • README.md - vulnerability description and how to exploit it
  • Intruder - a set of files to give to Burp Intruder
  • Images - pictures for the README.md
  • Files - some files referenced in the README.md

You might also like the Methodology and Resources folder :

You want more ? Check the Books and Youtube videos selections.

comments powered by Disqus