A list of useful payloads and bypass for Web Application Security and Pentest/CTF
☆11Aug 11, 2021Updated 4 years ago
Alternatives and similar repositories for PayloadsAllTheThings
Users that are interested in PayloadsAllTheThings are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Hi everyone,☆61Jul 15, 2023Updated 2 years ago
- Top disclosed reports from HackerOne☆10Apr 15, 2021Updated 5 years ago
- SSH & FTP brute-forcing tool written in python☆11Oct 2, 2024Updated last year
- This repo offers comprehensive information, necessary tools, and instructional videos for beginners in Android penetration testing, provi…☆23Jun 12, 2023Updated 2 years ago
- PDump is a project for dumping leaked credentials from DEHASHED☆17Jan 21, 2024Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆19Apr 13, 2023Updated 3 years ago
- The repository contains IOCs in CSV format for APT, Cyber Crimes, Malware and Trojan and whatever I found as part of hunting and research☆12Jun 10, 2017Updated 8 years ago
- The tutorial of "Kubernetes Security for Microservices"☆14Oct 3, 2023Updated 2 years ago
- C++ Code to perform a MiniDump of lsass.exe☆36Aug 2, 2023Updated 2 years ago
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan☆17Sep 4, 2021Updated 4 years ago
- List of questions, answers and random notes for security interviews☆74May 7, 2021Updated 5 years ago
- A Powershell script that looks for specific emails in an exchange users mailbox, downloads the attachments, then marks those emails as re…☆17Apr 22, 2024Updated 2 years ago
- ☆11Dec 7, 2025Updated 5 months ago
- A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference☆21Apr 14, 2021Updated 5 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- RegStrike is a .reg payload generator☆57Sep 19, 2023Updated 2 years ago
- Short script to decode output logs of *sslsplit* raw HTTP packets.☆17Aug 12, 2016Updated 9 years ago
- 100-Days-of-Hacking☆133Aug 24, 2023Updated 2 years ago
- CVE-2023-23192☆13Mar 27, 2023Updated 3 years ago
- A powerful tool to scan CRLF vulnerability written in Python☆15Oct 31, 2023Updated 2 years ago
- Banned word lists for use with Lithnet Password Protection for Active Directory☆12Jul 10, 2023Updated 2 years ago
- GitHub Pages☆17Jul 25, 2018Updated 7 years ago
- The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what Threat-Informed Defense (TID) is and the key activ…☆17Jun 25, 2025Updated 10 months ago
- Tomcat backdoor based on CS blog☆29Jun 30, 2023Updated 2 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Monitor websites for changes☆29Updated this week
- script python to check url list via cookies and Authorization☆19Feb 28, 2023Updated 3 years ago
- ☆14Mar 28, 2018Updated 8 years ago
- * DigiPass is a script use for the Digispark usb, as a BadUSB or RubberDucky. Load, attack, and watch the passwords from the victims web …☆22Oct 26, 2023Updated 2 years ago
- This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.☆16Aug 16, 2022Updated 3 years ago
- Ransomware Simulator for Red/Blue teams to test their defences.☆20Apr 4, 2022Updated 4 years ago
- ☆25Jan 15, 2024Updated 2 years ago
- BpArsenal, a Burp Suite plugin that can quickly convert http requests into command-line tool execution, launch third-party tools and open…☆22Oct 31, 2025Updated 6 months ago
- A collection of open source threat detection rules created by Cyber Castle's team.☆14Jun 2, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A tool to run and validate telemetry for Atomic Red Team tests☆16Mar 21, 2024Updated 2 years ago
- ☆15May 6, 2023Updated 3 years ago
- Some scripts for Pwnagotchi☆21Jul 21, 2020Updated 5 years ago
- 蜜罐检测工具,支持自动化URL去重、多线程控制及智能速率限制。可识别伪装服务。☆16Jun 5, 2025Updated 11 months ago
- ☆19Apr 27, 2022Updated 4 years ago
- Port of Samy Kamkar's OpenSesame to Si4010☆24May 25, 2020Updated 5 years ago
- Exploit iDRAC 7 & 8 firmware < 2.52.52.52☆18Dec 10, 2021Updated 4 years ago