mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-18 10:26:09 +00:00
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
bountybugbountybypasscheatsheetenumerationhackinghacktoberfestmethodologypayloadpayloadspenetration-testingpentestprivilege-escalationredteamsecurityvulnerabilityweb-application
CRLF | ||
CSV_Injection | ||
Open_Redirect | ||
PHP_Serialization | ||
RCE | ||
SQL_Injection | ||
SSRF | ||
TAR_Code_Exec | ||
Traversal_Directory | ||
Upload | ||
XSS | ||
XXE | ||
README.md |
Payloads All The Things
A list of usefull payloads and bypasses for Web Application Security
TODO:
- PHP Include
- PHP Serialization
- CSV Injection
To improve:
- RCE
- SQL injection
- XXE
- SSRF
- Upload
- Tar command exec
- Traversal Directory
- XSS
TODO v2:
- Remove "_" in dir name