daffainfo/PayloadsAllTheThings external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

daffainfo/PayloadsAllTheThings

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/daffainfo/PayloadsAllTheThings)

Close

daffainfo / PayloadsAllTheThingsView on GitHubMore

• External links
• Readme badge

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

☆13Aug 26, 2021Updated 4 years ago

Alternatives and similar repositories for PayloadsAllTheThings

Users that are interested in PayloadsAllTheThings are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• daffainfo / vulnlabs

  View on GitHub
  A simple vulnerable webapp created by PHP
  ☆14Apr 18, 2025Updated last year
• daffainfo / vulnerable-web

  View on GitHub
  Simple vulnerability labs that created using PHP and MySQL.
  ☆16Dec 30, 2022Updated 3 years ago
• CSbyGB / wordlists

  View on GitHub
  Aggregated wordlist pulled from commonly used tools for discovery, enumeration, fuzzing, and exploitation.
  ☆11Dec 30, 2020Updated 5 years ago
• WeiJiLab / Spring4Shell-POC

  View on GitHub
  Spring4Shell reproduce
  ☆11Apr 1, 2022Updated 4 years ago
• D3Ext / Captcha-Bypassing-Lab

  View on GitHub
  PHP lab to test captcha bypassing
  ☆30Jan 8, 2024Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• nil0x42 / scripts

  View on GitHub
  Bash & Python scripts for daily life
  ☆16Nov 27, 2018Updated 7 years ago
• CSbyGB / csbygb.github.io

  View on GitHub
  CSbyGB - Gabrielle B's new Blog!
  ☆23Jul 29, 2025Updated 9 months ago
• VetSec / vetsec_links

  View on GitHub
  Links to VeteranSec Resources
  ☆12May 18, 2020Updated 6 years ago
• daffainfo / nuclei-malware

  View on GitHub
  Template to detect some malware
  ☆14Aug 7, 2023Updated 2 years ago
• OlehOleinikov / hlr_lookup_telegram_bot

  View on GitHub
  Bot verifies a mobile phone number activity status by HLR-lookup. The request is processed by the communication operator without reaching…
  ☆16Jan 25, 2022Updated 4 years ago
• Dheerajmadhukar / Prototype-Pollution-Lab_me_dheeraj

  View on GitHub
  Prototype-Pollution-Lab to chain the vulnerabilities between multiple accounts.
  ☆13Sep 11, 2021Updated 4 years ago
• CSbyGB / ldapsearch-ad

  View on GitHub
  Python3 script to quickly get various information from a domain controller through his LDAP service.
  ☆11Feb 23, 2022Updated 4 years ago
• Mastering-Blockchain-Book / Chapter5_ERC20_Token

  View on GitHub
  ☆10Sep 30, 2020Updated 5 years ago
• remonsec / Pri0tx

  View on GitHub
  Automation for Open Threat Exchange
  ☆24Mar 16, 2024Updated 2 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• daffainfo / apiguesser-web

  View on GitHub
  Simple website to guess API Key / OAuth Token
  ☆49Aug 29, 2022Updated 3 years ago
• CSbyGB / CSbyGB

  View on GitHub
  Config files for my GitHub profile.
  ☆13Oct 9, 2022Updated 3 years ago
• MicrosoftLearning / configure-siem-security-operations-using-microsoft-sentinel

  View on GitHub
  ☆13Mar 11, 2026Updated 2 months ago
• joswr1ght / MSOLSpray

  View on GitHub
  A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the ac…
  ☆19Apr 11, 2022Updated 4 years ago
• MindPatch / pmg

  View on GitHub
  Extract parameters/paths from urls
  ☆17Aug 2, 2020Updated 5 years ago
• daffainfo / bypass-403

  View on GitHub
  Go script for bypassing 403 forbidden
  ☆162Aug 6, 2021Updated 4 years ago
• JoasASantos / ISO-27002-Document

  View on GitHub
  ☆10May 30, 2021Updated 4 years ago
• tamimhasan404 / Gau-Expose

  View on GitHub
  It grep subdomains, email/username, build custom wordlist etc from gau results
  ☆50Nov 4, 2022Updated 3 years ago
• emaadmanzoor / pyFreeSMS

  View on GitHub
  A Python API to send messages via web-based free SMS providers
  ☆18May 28, 2011Updated 14 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• idchoppers / redTeaming

  View on GitHub
  Assorted scripts I made for Red Teaming / Pen Testing
  ☆14Jun 15, 2024Updated last year
• Manticore-Platform / ransomware-emulation

  View on GitHub
  Manticore Ransomware Emulation - Educational Purpose Only!
  ☆10Aug 2, 2020Updated 5 years ago
• karthi-the-hacker / d3vnull

  View on GitHub
  Do recon in single click
  ☆21Jan 22, 2025Updated last year
• daffainfo / all-about-apikey

  View on GitHub
  Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)
  ☆294Sep 26, 2023Updated 2 years ago
• AlexLynd / log4j-shell-poc

  View on GitHub
  A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability.
  ☆11Nov 26, 2022Updated 3 years ago
• revan-ar / px-grabber

  View on GitHub
  ☆14Feb 16, 2023Updated 3 years ago
• makash / effective-ssh-usage-for-pentesters

  View on GitHub
  This is a beginner level session to train you into using SSH more effectively. While pentesters may benefit (especially if they are plan…
  ☆15Feb 9, 2019Updated 7 years ago
• Mastering-Blockchain-Book / Useful-Tools

  View on GitHub
  ☆18Feb 9, 2021Updated 5 years ago
• daffainfo / suricata-rules

  View on GitHub
  Suricata rules that can detect a wide range of threats, including malware, exploits, and other malicious activity especially web applicat…
  ☆62Apr 2, 2024Updated 2 years ago
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• mytechnotalent / ToyOS

  View on GitHub
  ToyOS is a simple x86 OS that only accepts numeric values into the input stream and returns them to a standard out console.
  ☆12Nov 27, 2025Updated 5 months ago
• e11i0t4lders0n / my_aws_blogs

  View on GitHub
  ☆12Dec 26, 2021Updated 4 years ago
• scokmen / data-mask

  View on GitHub
  A small string masking library in javascript
  ☆12Dec 15, 2023Updated 2 years ago
• simondankelmann / MacDetect

  View on GitHub
  A simple Mac-Address Sniffer based on tshark
  ☆12Dec 27, 2018Updated 7 years ago
• Err0r-ICA / Pentest-Tips

  View on GitHub
  ☆15Dec 3, 2020Updated 5 years ago
• daffainfo / Oneliner-Bugbounty

  View on GitHub
  A collection oneliner scripts for bug bounty
  ☆185Mar 21, 2024Updated 2 years ago
• lissy93 / awesome-security

  View on GitHub
  A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
  ☆19Jul 28, 2022Updated 3 years ago