A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
PixeL 1b190939c4
Remove example from win priv esc
This example was used on hackthebox where it leaked the root flag of a machine on free servers.
This resulted in every user being able to get the root flag before they have even completed the box which isn't fair to others.

This example should either be changed or removed completely to combat copy-pasting without knowing what you're doing.
2020-03-23 17:17:42 -05:00
_template_vuln SAML exploitation + ASREP roasting + Kerbrute 2019-03-24 13:16:23 +01:00
.github Update FUNDING.yml with buymeacoffee 2019-09-13 17:49:47 +02:00
API Key Leaks Maps API + secretsdump enabled user/pw last set + certutil mimikatz 2020-02-06 21:41:29 +01:00
AWS Amazon Bucket S3 AWS Patterns 2020-02-23 20:58:53 +01:00
Command Injection Update README.md 2020-03-15 01:11:47 +08:00
CORS Misconfiguration CORS Misconfiguration 2019-08-18 12:08:51 +02:00
CRLF Injection Added Summary in CRLF 2019-12-17 22:12:35 +05:30
CSRF Injection Updated Summary and Fixed Broken Links in CSRF 2019-12-17 22:21:53 +05:30
CSV Injection HQL Injection + references update 2019-06-16 23:45:52 +02:00
CVE Exploits fixing typo in file name 2020-01-28 17:41:01 +00:00
Directory Traversal AD mitigations 2019-12-26 12:09:23 +01:00
File Inclusion added additional way to chain php filters 2020-02-20 06:40:30 -05:00
GraphQL Injection AWS - EC2 copy image 2020-02-29 12:56:00 +01:00
Insecure Deserialization Update Java.md 2019-10-30 11:36:09 +08:00
Insecure Direct Object References Command injection rewritten 2019-04-21 19:50:50 +02:00
Insecure Management Interface Fix name's capitalization 2019-03-07 00:07:55 +01:00
Insecure Source Code Management ImageMagik Ghost Script + Typo git summary 2019-06-26 00:07:06 +02:00
JSON Web Token SharpPersist - Windows Persistence 2019-09-13 17:38:23 +02:00
Kubernetes Kubernetes - Privileged Service Account Token 2019-12-20 11:33:25 +01:00
LaTeX Injection Fix name's capitalization 2019-03-07 00:07:55 +01:00
LDAP Injection add ruby script 2020-02-21 23:49:50 +01:00
Methodology and Resources Remove example from win priv esc 2020-03-23 17:17:42 -05:00
NoSQL Injection Added an alternate possible Found condition to POST 2019-10-29 21:11:56 +02:00
OAuth Masscan + AD password in description + ZSH revshell bugfix + Mimikatz lsass.dmp 2019-05-12 21:34:09 +02:00
Open Redirect Added new payloads 2019-11-14 18:26:35 +08:00
Race Condition Race Condition - First Draft 2020-01-26 12:43:59 +01:00
SAML Injection GraphQL + LXD/etc/passwd PrivEsc + Win firewall 2019-06-09 13:46:40 +02:00
Server Side Request Forgery Update AWS SSRF tips 2020-03-11 15:20:51 +01:00
Server Side Template Injection Improvement to the SSTI RCE 2020-03-09 18:19:33 +00:00
SQL Injection From https://twitter.com/secgus 2020-03-01 21:15:19 +00:00
Type Juggling Type Juggling - Another SHA 256 2019-07-14 14:23:20 +02:00
Upload Insecure Files IIS asp shell with .asa, .cer, .xamlx 2019-11-16 14:53:42 +01:00
Web Cache Deception Fix dead youtube link 2019-10-02 20:09:41 -04:00
Web Sockets WMI + Cobalt Strike 2020-02-13 22:53:45 +01:00
XPATH Injection XPATH: add tools 2019-10-26 16:43:36 +02:00
XSLT Injection AD mitigations 2019-12-26 12:09:23 +01:00
XSS Injection Create 0xcela_event_handlers.txt 2020-01-15 17:00:26 +01:00
XXE Injection Merge pull request #128 from noraj/patch-1 2019-12-02 22:38:08 +01:00
.gitignore Shell IPv6 + Sandbox credential 2019-01-07 18:15:45 +01:00
BOOKS.md README rewrite : BOOKS and YOUTUBE 2019-05-12 22:43:42 +02:00
LICENSE Create License 2019-05-25 16:27:35 +02:00
README.md README - Summary update 2020-03-19 12:03:32 +01:00
YOUTUBE.md Fix YOUTUBE and BOOKS links 2019-05-12 22:59:22 +02:00

Payloads All The Things

A list of useful payloads and bypasses for Web Application Security. Feel free to improve it with your own payloads and techniques! I ❤️ pull requests :)

You can also contribute with a 🍻 IRL

Every section contains the following files. You can use the _template_vuln folder to create a new chapter:

  • README.md - vulnerability description and how to exploit it
  • Intruder - a set of files to give to Burp Intruder
  • Images - pictures for the README.md
  • Files - some files referenced in the README.md

You might also like the Methodology and Resources folder:

Want more? Check the Books and YouTube video selections.