A list of useful payloads and bypass for Web Application Security and Pentest/CTF
☆50Jul 15, 2019Updated 6 years ago
Alternatives and similar repositories for PayloadsAll
Users that are interested in PayloadsAll are comparing it to the libraries listed below
Sorting:
- A passive online scanner from OWTF☆16Feb 16, 2026Updated 2 weeks ago
- Bug Bounty Clipboard☆17Nov 6, 2019Updated 6 years ago
- Facebook Write-ups, PoC, and exploitation codes:☆29Jan 20, 2020Updated 6 years ago
- List of special metadata IPs used in cloud services☆11Aug 9, 2019Updated 6 years ago
- ☆11Jun 19, 2024Updated last year
- LFI/RFI scanner by Iman Karim (fimap.dev@gmail.com)☆10Jul 3, 2015Updated 10 years ago
- Program to perform vulnerability analysis and automatically generate a report☆58Jul 19, 2022Updated 3 years ago
- ☆16Oct 24, 2018Updated 7 years ago
- Unauthenticated RCE at Woody Ad Snippets / CVE-2019-15858 (PoC)☆32Apr 25, 2023Updated 2 years ago
- This extension provide a Python panel for writing custom proxy script.☆16Aug 26, 2019Updated 6 years ago
- python scripts for penetration testing☆11Oct 17, 2019Updated 6 years ago
- Burp Suite Extension useful to inspect UPnP security☆16Nov 9, 2021Updated 4 years ago
- Malduino compatible USB rubber ducky payloads☆14Jun 7, 2019Updated 6 years ago
- Image Tragick Exploit Tool Using Burp Collaborator☆35May 24, 2024Updated last year
- Exploiting misconfigured firebase databases☆123Jun 5, 2019Updated 6 years ago
- Misc bounty and vulndisc things☆85Jan 4, 2021Updated 5 years ago
- ☆20Sep 6, 2023Updated 2 years ago
- Firewall bypass script based on shodan search results☆14Jun 5, 2019Updated 6 years ago
- It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.☆59Mar 2, 2022Updated 4 years ago
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆14Feb 26, 2021Updated 5 years ago
- My Payload Collection (XSS,SQL ...)☆14Jul 17, 2018Updated 7 years ago
- stdin writes to slack☆14Feb 8, 2020Updated 6 years ago
- ☆16Mar 26, 2023Updated 2 years ago
- A database of options to use when pen testing an application. Sample XSS, SQLi and much more. It's been gathered over time. It's not perf…☆16Oct 21, 2020Updated 5 years ago
- ☆45Jun 5, 2021Updated 4 years ago
- Lightweight BApp that seamlessly integrates powerful LLM-scanning capabilities into Burp's built-in Scanner with improved accuracy. Suppo…☆34Aug 4, 2025Updated 7 months ago
- PwnGIT is a semi-automated, feedback-driven tool to empower users to rapidly search through troves of public data on GitHub for sensitive…☆14Dec 17, 2020Updated 5 years ago
- 被动式扫描器☆21Jan 30, 2019Updated 7 years ago
- This extension replaces the default repeater tab name with the URL path of the repeater request.☆24Sep 3, 2021Updated 4 years ago
- ☆20Aug 15, 2020Updated 5 years ago
- Burp Intruder File Payload Generator☆18Oct 27, 2019Updated 6 years ago
- Tool to automate corporate network segmentation test☆21Aug 6, 2020Updated 5 years ago
- psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & w…☆19Jun 28, 2018Updated 7 years ago
- 🔍 A simple tool to obtain long lists of ips from domains using goroutines☆26Jul 29, 2019Updated 6 years ago
- A tool for checking BigSpender vulnerability in your Bitcoin wallet☆38Mar 10, 2021Updated 4 years ago
- This little script for gathering chaos.projectdiscovery.io recon data in an organized way and finding the daily differences on it☆18Aug 9, 2020Updated 5 years ago
- A sub-domain enumeration tool☆20May 18, 2020Updated 5 years ago
- notes 2016-present☆48Jun 28, 2020Updated 5 years ago
- automate the procedure of 403 response code bypass☆49Aug 2, 2021Updated 4 years ago