patuuh/Payloads-and-wordlists external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

patuuh/Payloads-and-wordlists

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/patuuh/Payloads-and-wordlists)

Close

patuuh / Payloads-and-wordlistsView on GitHubMore

• External links
• Readme badge

List of payloads for BurpSuite intruder. Payloads gathered from Swisskyrepos PayloadsAllTheThings

☆37Apr 2, 2026Updated last week

Alternatives and similar repositories for Payloads-and-wordlists

Users that are interested in Payloads-and-wordlists are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• orwagodfather / ShoLister

  View on GitHub
  ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be …
  ☆13May 10, 2022Updated 3 years ago
• doomerhunter / tampermonkey-useful-scripts

  View on GitHub
  Useful scripts for tampermonkey that I used during bug hunting. Will be updated "au fil de l'eau"
  ☆17Jun 2, 2025Updated 10 months ago
• kh4sh3i / FFUF-Tricks

  View on GitHub
  Describe how to use ffuf different options with examples
  ☆13Jun 13, 2022Updated 3 years ago
• withdk / sqli-tools

  View on GitHub
  Blind SQL Injection (BSQLI) Data Exploration Tool
  ☆18Feb 18, 2017Updated 9 years ago
• Dheerajmadhukar / Prototype-Pollution-Lab_me_dheeraj

  View on GitHub
  Prototype-Pollution-Lab to chain the vulnerabilities between multiple accounts.
  ☆13Sep 11, 2021Updated 4 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• caido-community / workflows

  View on GitHub
  🛠️ Workflows created by the community
  ☆89Dec 8, 2025Updated 4 months ago
• darklotuskdb / ios-reloader

  View on GitHub
  The iOS Reloader is a weaponizing tool for jailbroken iOS devices. It facilitates the installation of a collection of tools on iOS device…
  ☆17Sep 15, 2025Updated 6 months ago
• streaak / SSRF-Testing

  View on GitHub
  SSRF (Server Side Request Forgery) testing resources
  ☆12Sep 7, 2017Updated 8 years ago
• tr3ss / newclei

  View on GitHub
  A Go tool that gets the newest PRs from projectdiscovery/nuclei-templates.
  ☆55Jun 13, 2023Updated 2 years ago
• a2dom / subbdom-cli

  View on GitHub
  Subbdom API Client
  ☆13Feb 7, 2025Updated last year
• sl4x0 / NC-Templates

  View on GitHub
  Hand-made Improved Nuclei Templates!🪴
  ☆13Jun 12, 2023Updated 2 years ago
• caido-community / scanner

  View on GitHub
  Vulnerability scanner for Caido
  ☆44Mar 26, 2026Updated 2 weeks ago
• njcve / whoisxml-ns-search

  View on GitHub
  ☆11Mar 27, 2024Updated 2 years ago
• Noxtal / tetrodotoxin

  View on GitHub
  A Rust malware controlled by a Go web interface, API and socket server.
  ☆10Aug 22, 2022Updated 3 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• VICXOR / CVE-2020-9484

  View on GitHub
  POC for CVE-2020-9484
  ☆13Feb 10, 2021Updated 5 years ago
• karrni / sparrot

  View on GitHub
  Discover related domains using Whois data from whoxy.com
  ☆15May 30, 2023Updated 2 years ago
• ifconfig-me / JSSecret-Extractor

  View on GitHub
  This python based tool can be used to discover API keys, access tokens, and other sensitive data in JavaScript files. It can scan JavaScr…
  ☆15Oct 18, 2024Updated last year
• ssl / SecCollection

  View on GitHub
  Combined and sorted cybersecurity collection of all high quality seclists and wordlists from the internet
  ☆23May 1, 2025Updated 11 months ago
• Asbawy / Automation-for-Juniper-cve-2023-36845

  View on GitHub
  Simple Automation script for juniper cve-2023-36845
  ☆19Jan 30, 2024Updated 2 years ago
• hahwul / ras-fuzzer

  View on GitHub
  RAS(RAndom Subdomain) Fuzzer
  ☆42Jan 22, 2020Updated 6 years ago
• withdk / pulse-secure-vpn-mitm-research

  View on GitHub
  Pulse Secure VPN mitm Research - CVE-2020-8241, CVE-2020-8239
  ☆24Nov 1, 2020Updated 5 years ago
• Lu3ky13 / Unauthorized-Access-to-Metadata-and-User-Data-like-CTF

  View on GitHub
  Unauthorized Access to Metadata and User Data like CTF
  ☆28Nov 30, 2024Updated last year
• 808ale / CVE-2022-42889-Text4Shell-POC

  View on GitHub
  This repository contains a Python script to automate the process of testing for a vulnerability known as Text4Shell, referenced under the…
  ☆14Jun 27, 2023Updated 2 years ago
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• CalfCrusher / Path-traversal-RCE-Apache-2.4.49-2.4.50-Exploit

  View on GitHub
  CVE-2021-41773 | CVE-2021-42013 Exploit Tool (Apache/2.4.49-2.4.50)
  ☆10Apr 8, 2022Updated 4 years ago
• indoxploit-coders / opencart-bruteforce

  View on GitHub
  Opencart Bruteforce and Upload Image
  ☆11Aug 13, 2019Updated 6 years ago
• xitmakes / scope.sh

  View on GitHub
  ☆15Mar 21, 2025Updated last year
• orwagodfather / SQL-Wordlist

  View on GitHub
  ☆87Sep 24, 2024Updated last year
• xssdoctor / ai_subdomain

  View on GitHub
  generates unique subdomain names and runs httpx on them
  ☆18Apr 8, 2024Updated 2 years ago
• blackn0te / Apache-HTTP-Server-2.4.49-2.4.50-Path-Traversal-Remote-Code-Execution

  View on GitHub
  Apache HTTP-Server 2.4.49-2.4.50 Path Traversal & Remote Code Execution PoC (CVE-2021-41773 & CVE-2021-42013)
  ☆13Aug 22, 2025Updated 7 months ago
• sleepyeinstein / lemma

  View on GitHub
  Remote CLI tools at your fingertips
  ☆102Jul 31, 2024Updated last year
• FeiNiao / ClickHouse-database-unauthorized

  View on GitHub
  ClickHouse是一款开源的列式数据库，ClickHouse存在未授权访问漏洞，攻击者可利用该漏洞获取数据库的敏感信息
  ☆14May 6, 2023Updated 2 years ago
• blackhatethicalhacking / CVE-2020-2034-POC

  View on GitHub
  Determine the Version Running on the Palo Alto Network Firewall for the Global Protect Portal
  ☆13Aug 14, 2020Updated 5 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• simran-sankhala / Pentest-Tomcat

  View on GitHub
  Pentesting Apache Tomcat 101
  ☆14Apr 4, 2023Updated 3 years ago
• K3ysTr0K3R / CVE-2023-23752-EXPLOIT

  View on GitHub
  A PoC exploit for CVE-2023-23752 - Joomla Improper Access Check in Versions 4.0.0 through 4.2.7
  ☆16Feb 1, 2026Updated 2 months ago
• Chocapikk / CVE-2024-8517

  View on GitHub
  SPIP BigUp Plugin Unauthenticated RCE
  ☆16Sep 7, 2024Updated last year
• BlackFan / Burp-Ai-Substitutor

  View on GitHub
  AI Substitutor is an extension for Burp Suite that uses AI functionality to substitute values of HTTP request parameters and headers.
  ☆28Apr 30, 2025Updated 11 months ago
• haruki3hhh / PageSpray

  View on GitHub
  ☆17Aug 19, 2024Updated last year
• kljunowsky / CVE-2022-42889-text4shell

  View on GitHub
  Apache commons text - CVE-2022-42889 Text4Shell proof of concept exploit.
  ☆56Dec 29, 2023Updated 2 years ago
• Shivangx01b / BountyIt

  View on GitHub
  A fuzzer made in golang for finding issues like xss, lfi, rce, ssti...that detects issues using change in content length and verify it us…
  ☆62Oct 25, 2020Updated 5 years ago