A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Go to file
2017-03-26 18:00:23 +02:00
AWS Amazon Bucket S3 AWS added, XSS and methodology update 2016-11-11 16:03:35 +07:00
CRLF injection Enumeration added and improvement for CRLF/XSS/SQL 2016-11-02 20:26:00 +07:00
CSV injection Fix in juggling type + CSV injection 2016-10-20 10:50:12 +07:00
CVE Shellshock Heartbleed CVE Heartbleed and Shellshcok added 2016-10-20 09:54:29 +07:00
Git Svn insecure files Git - methodology 2017-03-19 23:51:56 +01:00
NoSQL injection NOSQL injection added + updates XSS/XXE 2016-10-30 18:53:32 +07:00
OAuth XSS,SQL OAuth Updated 2016-12-04 01:03:59 +07:00
Open redirect Clean project - Renamed and added PHP juggling type 2016-10-20 10:22:24 +07:00
PHP include Methodology added, XSS payloads updated,little fix 2016-11-06 12:42:50 +07:00
PHP juggling type Fix in juggling type + CSV injection 2016-10-20 10:50:12 +07:00
PHP serialization PHP object injection 2016-10-20 11:02:19 +07:00
Remote commands execution RCE Time based : Data extraction 2017-03-03 21:41:00 +01:00
SQL injection SQLite injection update-Extract table/column name 2017-02-21 09:16:51 +01:00
SSRF injection Minor Updates in SQL-SSRF-XSS 2017-01-07 20:51:47 +01:00
Tar commands execution Clean project - Renamed and added PHP juggling type 2016-10-20 10:22:24 +07:00
Traversal directory Traversal Dir files + Updates XSS 2016-10-21 06:12:00 +07:00
Upload insecure files Methodo, SQL,RCE,XSS,XXE updated 2016-12-20 19:46:06 +01:00
Web cache deception Typo fix in Web cache 2017-02-27 20:06:40 +01:00
XSS injection XSS Payload - bypass document blacklisted keyword 2017-03-02 17:39:15 +01:00
XXE injections Methodo, SQL,RCE,XSS,XXE updated 2016-12-20 19:46:06 +01:00
.gitignore Methodology added, XSS payloads updated,little fix 2016-11-06 12:42:50 +07:00
Methodology_and_enumeration.md Methodology update - design + nmap 2017-03-26 18:00:23 +02:00
README.md Web cache deception 2017-02-27 20:03:11 +01:00