Repository navigation
payloads
- Website
- Wikipedia
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
All about bug bounty (bypasses, payloads, and etc)
A list of interesting payloads, tips and tricks for bug bounty hunters.
The all-in-one browser extension for offensive security professionals 🛠
The Official USB Rubber Ducky Payload Repository
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
Git All the Payloads! A collection of web attack payloads.
Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
A container repository for my public web hacks!
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
Undetectable Windows Payload Generation
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件
Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Active Directory and Internal Pentest Cheatsheets
Image Payload Creating/Injecting tools
🎯 XML External Entity (XXE) Injection Payload List