A list of useful payloads and bypass for Web Application Security and Pentest/CTF
☆13Aug 26, 2021Updated 4 years ago
Alternatives and similar repositories for PayloadsAllTheThings
Users that are interested in PayloadsAllTheThings are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Simple vulnerability labs that created using PHP and MySQL.☆16Dec 30, 2022Updated 3 years ago
- Aggregated wordlist pulled from commonly used tools for discovery, enumeration, fuzzing, and exploitation.☆11Dec 30, 2020Updated 5 years ago
- Spring4Shell reproduce☆11Apr 1, 2022Updated 3 years ago
- A tool to generate fake profile for filling of form☆11Apr 30, 2023Updated 2 years ago
- PHP lab to test captcha bypassing☆30Jan 8, 2024Updated 2 years ago
- Bash & Python scripts for daily life☆16Nov 27, 2018Updated 7 years ago
- CSbyGB - Gabrielle B's new Blog!☆23Jul 29, 2025Updated 7 months ago
- A small stuff of telegram bot for pentest and information gathering.☆11Oct 3, 2020Updated 5 years ago
- Template to detect some malware☆14Aug 7, 2023Updated 2 years ago
- Bot verifies a mobile phone number activity status by HLR-lookup. The request is processed by the communication operator without reaching…☆16Jan 25, 2022Updated 4 years ago
- Prototype-Pollution-Lab to chain the vulnerabilities between multiple accounts.☆13Sep 11, 2021Updated 4 years ago
- Python3 script to quickly get various information from a domain controller through his LDAP service.☆11Feb 23, 2022Updated 4 years ago
- Automation for Open Threat Exchange☆24Mar 16, 2024Updated 2 years ago
- Random Tools for Bug Bounty☆151Oct 15, 2022Updated 3 years ago
- Config files for my GitHub profile.☆13Oct 9, 2022Updated 3 years ago
- A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the ac…☆19Apr 11, 2022Updated 3 years ago
- ☆13Mar 11, 2026Updated 2 weeks ago
- Extract parameters/paths from urls☆17Aug 2, 2020Updated 5 years ago
- Go script for bypassing 403 forbidden☆160Aug 6, 2021Updated 4 years ago
- malware phylogeny for WSO web shell, Shellbot IRC bot and algorithm☆17May 24, 2022Updated 3 years ago
- ☆11May 30, 2021Updated 4 years ago
- It grep subdomains, email/username, build custom wordlist etc from gau results☆50Nov 4, 2022Updated 3 years ago
- A Python API to send messages via web-based free SMS providers☆18May 28, 2011Updated 14 years ago
- joomla com_xcloner exploit [Mass Autoexploiting script coded with python]☆13Apr 29, 2019Updated 6 years ago
- Assorted scripts I made for Red Teaming / Pen Testing☆14Jun 15, 2024Updated last year
- ☆14Dec 3, 2020Updated 5 years ago
- Do recon in single click☆21Jan 22, 2025Updated last year
- Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)☆289Sep 26, 2023Updated 2 years ago
- Template for telegram bot with webhook☆14Apr 4, 2021Updated 4 years ago
- The OWASP Testing Guide includes a "best practice" penetration testing framework which users can implement in their own organizations and…☆10Oct 12, 2019Updated 6 years ago
- AutoExploiter Wordpress , Joomla , Drupal☆18Mar 27, 2018Updated 7 years ago
- ☆14Feb 16, 2023Updated 3 years ago
- ☆18Feb 9, 2021Updated 5 years ago
- Aplikasi untuk membangun NAT, DHCP Server, access log, cache web, port forwarding, VPN Server secara cepat termasuk konfigurasinya, pada …☆16May 15, 2022Updated 3 years ago
- ☆14Mar 16, 2024Updated 2 years ago
- ☆12Dec 26, 2021Updated 4 years ago
- A small string masking library in javascript☆12Dec 15, 2023Updated 2 years ago
- A simple Mac-Address Sniffer based on tshark☆12Dec 27, 2018Updated 7 years ago
- A collection oneliner scripts for bug bounty☆186Mar 21, 2024Updated 2 years ago