A list of useful payloads and bypass for Web Application Security and Pentest/CTF
☆11Aug 11, 2021Updated 4 years ago
Alternatives and similar repositories for PayloadsAllTheThings
Users that are interested in PayloadsAllTheThings are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆41Mar 29, 2025Updated last year
- Hi everyone,☆61Jul 15, 2023Updated 2 years ago
- Top disclosed reports from HackerOne☆10Apr 15, 2021Updated 5 years ago
- OSCP - Study☆13Aug 18, 2021Updated 4 years ago
- SSH & FTP brute-forcing tool written in python☆11Oct 2, 2024Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Want to participate in those Instagram giveaways, but it's not worth your time? Now you can! The instaCompetitionBot enters you into cont…☆12Dec 18, 2017Updated 8 years ago
- PDump is a project for dumping leaked credentials from DEHASHED☆17Jan 21, 2024Updated 2 years ago
- The repository contains IOCs in CSV format for APT, Cyber Crimes, Malware and Trojan and whatever I found as part of hunting and research☆12Jun 10, 2017Updated 9 years ago
- The tutorial of "Kubernetes Security for Microservices"☆14Oct 3, 2023Updated 2 years ago
- ☆20Apr 13, 2023Updated 3 years ago
- C++ Code to perform a MiniDump of lsass.exe☆36Aug 2, 2023Updated 2 years ago
- Advanced version of QuickSearch which auto search all question in google forms and mark right answers in the form itself.☆17Oct 25, 2023Updated 2 years ago
- List of questions, answers and random notes for security interviews☆78May 7, 2021Updated 5 years ago
- ☆11Dec 7, 2025Updated 7 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference☆21Apr 14, 2021Updated 5 years ago
- RegStrike is a .reg payload generator☆57Sep 19, 2023Updated 2 years ago
- Short script to decode output logs of *sslsplit* raw HTTP packets.☆17Aug 12, 2016Updated 9 years ago
- Unpacking tool for the zipExec Crypter☆14Oct 30, 2021Updated 4 years ago
- 100-Days-of-Hacking☆133Aug 24, 2023Updated 2 years ago
- CVE-2023-23192☆13Mar 27, 2023Updated 3 years ago
- A powerful tool to scan CRLF vulnerability written in Python☆15Oct 31, 2023Updated 2 years ago
- Banned word lists for use with Lithnet Password Protection for Active Directory☆12Jul 10, 2023Updated 2 years ago
- GitHub Pages☆17Jul 25, 2018Updated 7 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A lightweight JavaScript library for DrugWars☆14Mar 2, 2023Updated 3 years ago
- The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what Threat-Informed Defense (TID) is and the key activ…☆17Jun 25, 2025Updated last year
- Tomcat backdoor based on CS blog☆29Jun 30, 2023Updated 3 years ago
- Monitor websites for changes☆30Updated this week
- script python to check url list via cookies and Authorization☆19Feb 28, 2023Updated 3 years ago
- ☆14Mar 28, 2018Updated 8 years ago
- * DigiPass is a script use for the Digispark usb, as a BadUSB or RubberDucky. Load, attack, and watch the passwords from the victims web …☆22Oct 26, 2023Updated 2 years ago
- This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.☆16Aug 16, 2022Updated 3 years ago
- Ransomware Simulator for Red/Blue teams to test their defences.☆20Apr 4, 2022Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆25Jan 15, 2024Updated 2 years ago
- A collection of open source threat detection rules created by Cyber Castle's team.☆14Jun 2, 2022Updated 4 years ago
- BpArsenal, a Burp Suite plugin that can quickly convert http requests into command-line tool execution, launch third-party tools and open…☆22Oct 31, 2025Updated 8 months ago
- A tool to run and validate telemetry for Atomic Red Team tests☆16Mar 21, 2024Updated 2 years ago
- ☆15May 6, 2023Updated 3 years ago
- 蜜罐检测工具,支持自动化URL去重、多线程控制及智能速率限制。可识别伪装服务。☆16Jun 5, 2025Updated last year
- ☆19Apr 27, 2022Updated 4 years ago