SleepTheGod / PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
☆14Updated 2 years ago
Alternatives and similar repositories for PayloadsAllTheThings:
Users that are interested in PayloadsAllTheThings are comparing it to the libraries listed below
- Crawls URL to get a better image of what is tied to a website.☆32Updated last year
- PowerSploit - A PowerShell Post-Exploitation Framework☆23Updated 2 years ago
- Steganography Reverse Shell☆9Updated last year
- Capture screenshots of onion services on an onion service.☆48Updated 9 months ago
- A PHP script demonstrating cookie stealing by capturing and logging request information, including the victim's cookie, IP address, HTTP …☆35Updated last year
- A privilege escalation vulnerability exists in Windows due to a flaw in the implementation of the Atom Table. An attacker could exploit t…☆26Updated 6 months ago
- HTML smuggling is a malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachm…☆127Updated 2 years ago
- quick and dirty proof-of-concept to hide shells in images☆49Updated 9 months ago
- CVE-2023-28121 - WooCommerce Payments < 5.6.2 - Unauthenticated Privilege Escalation [ Mass Add Admin User ]☆11Updated last year
- Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.☆60Updated last year
- Pentest/Red Team: Resources, repos and scripts.☆68Updated 3 weeks ago
- Highly configurable script for dictionary/spray attacks against online web applications.☆53Updated 2 years ago
- Reverse backdoor written in PowerShell and obfuscated with Python. It generates payloads for popular hacking devices like Flipper Zero an…☆29Updated last year
- it is malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web pag…☆122Updated last year
- 「🧱」Test a list of payloads and see if you can bypass it☆56Updated 2 years ago
- A tool to dump users's .plist on a Mac OS system and to convert them into a crackable hash☆50Updated 5 months ago
- A small executable to trick a user to authenticate using code matching MFA☆69Updated last year
- A C2 framework built for my bachelors thesis☆55Updated 4 months ago
- Social Engineering Browser Update Attack.☆56Updated last year
- Tool for bypassing logins vulnerable against SQL injection☆45Updated 11 months ago
- APK Infrastructure Investigator☆62Updated last year
- Classic Web shell upload techniques & Web RCE techniques☆27Updated 4 months ago
- Tool to retrieve Config from Redline C2 servers☆16Updated 2 years ago
- payload Execution by Fake Windows SmartScreen with requires Administrator privileges & Turn off real SmartScreen Filter☆93Updated last year
- Web Path Finder☆60Updated last year
- Receive email alerts on successful ssh logins based on a predefined IP whitelist OR a predefined IP country origin whitelist (using gmail…☆22Updated 8 months ago
- Tips, Tricks, and Scripts for Linux Post Exploitation☆38Updated 2 years ago
- Powershell implementation of a novel technique. Invoke-GPTObfuscation is a PowerShell Obfuscator that utilizes OpenAI (and other APIs) to…☆49Updated last year
- A script to automate keystrokes through a graphical desktop program.☆34Updated 2 months ago
- Associated-Threat-Analyzer detects malicious IPv4 addresses and domain names associated with your web application using local malicious d…☆39Updated last year