SleepTheGod / PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
☆15Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for PayloadsAllTheThings
- Windows And Ways To Break It☆101Updated last year
- HTML smuggling is a malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachm…☆119Updated 2 years ago
- Capture screenshots of onion services on an onion service.☆49Updated 5 months ago
- Python RAT that uses Telegram as C2 endpoint☆25Updated last year
- A PHP script demonstrating cookie stealing by capturing and logging request information, including the victim's cookie, IP address, HTTP …☆32Updated last year
- This is power full BotNet☆54Updated last year
- Crawls URL to get a better image of what is tied to a website.☆32Updated last year
- Steal/Inject Chrome cookies over the DevTools (--remote-debugging-port) protocol.☆106Updated last year
- 🕵️ OSINT Tool (github tracker)☆125Updated 5 months ago
- Searches for employees of a company on linkedin, generates a list of possible emails and verifies them.☆43Updated last month
- it is malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web pag…☆119Updated last year
- Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.☆56Updated 8 months ago
- A powerful tool that utilizes the technique of google dorking to search for specific information on the internet.☆99Updated last year
- Arescan is a powerful web directory discovery tool that helps you uncover hidden directories and links on any website. By performing a br…☆30Updated last year
- This is a shell script that creates an SSH backdoor on an iPhone.☆216Updated last month
- quick and dirty proof-of-concept to hide shells in images☆49Updated 4 months ago
- Certina is an OSINT tool for red teamers and bug hunters to discover subdomains from web certificate data☆48Updated 8 months ago
- Discord bot for the Shodan API - OSINT tool☆66Updated 8 months ago
- JoomSploit is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆26Updated 11 months ago
- Highly configurable script for dictionary/spray attacks against online web applications.☆54Updated 2 years ago
- Reverse backdoor written in PowerShell and obfuscated with Python. It generates payloads for popular hacking devices like Flipper Zero an…☆29Updated last year
- Red Teaming tools and techniques☆47Updated last year
- A custom Google search (to bypass some limitations on google and VPNs)☆109Updated last year
- Recon scripts for Red Team and Web blackbox auditing☆29Updated this week
- A small executable to trick a user to authenticate using code matching MFA☆69Updated last year
- This tool will help you find a close friend☆61Updated 7 months ago
- CVE-2023-43261 - Credential Leakage Through Unprotected System Logs and Weak Password Encryption☆56Updated last year
- GitOSINT: The OSINT Powerhouse for Discord. The go-to Discord bot for Open Source Intelligence (OSINT).☆93Updated last year