swisskyrepo / PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
☆61,402Updated this week
Related projects ⓘ
Alternatives and complementary repositories for PayloadsAllTheThings
- PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)☆16,139Updated 2 weeks ago
- GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems☆10,908Updated 3 weeks ago
- Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and n…☆9,043Updated last week
- Fast web fuzzer written in Go☆12,711Updated 4 months ago
- This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.☆9,106Updated 2 months ago
- Impacket is a collection of Python classes for working with network protocols.☆13,557Updated 3 weeks ago
- Scripted Local Linux Enumeration & Privilege Escalation Checks☆7,040Updated last year
- A swiss army knife for pentesting networks☆8,457Updated 11 months ago
- Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)☆7,105Updated last week
- Monitor linux processes without root permissions☆4,961Updated last year
- articles☆12,924Updated last year
- Nishang - Offensive PowerShell for red team, penetration testing and offensive security.☆8,804Updated 6 months ago
- A list of public penetration test reports published by several consulting firms and academic security groups.☆8,506Updated 5 months ago
- Adversary Emulation Framework☆8,553Updated last week
- 📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.☆6,531Updated this week
- Most advanced XSS scanner.☆13,379Updated 3 months ago
- Gather and update all available and newest CVEs with their PoC.☆6,587Updated this week
- The ultimate WinRM shell for hacking/pentesting☆4,542Updated 3 weeks ago
- In-depth attack surface mapping and asset discovery☆12,095Updated this week
- A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.☆5,678Updated last month
- Attack Surface Management Platform☆8,132Updated 3 weeks ago
- The Havoc Framework☆6,860Updated this week
- AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.☆5,167Updated 5 months ago
- List of Awesome Red Teaming Resources☆6,908Updated 10 months ago
- Directory/File, DNS and VHost busting tool written in Go☆10,154Updated last week
- 🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List☆6,379Updated 4 months ago
- Web path scanner☆12,191Updated this week
- Web application fuzzer☆5,968Updated 3 months ago
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv…☆5,472Updated last month
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,249Updated last year