swisskyrepo / PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
☆64,722Updated last week
Alternatives and similar repositories for PayloadsAllTheThings:
Users that are interested in PayloadsAllTheThings are comparing it to the libraries listed below
- GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems☆11,486Updated 5 months ago
- Fast web fuzzer written in Go☆13,794Updated last week
- In-depth attack surface mapping and asset discovery☆12,812Updated this week
- This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.☆9,443Updated this week
- PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)☆17,290Updated 2 weeks ago
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,486Updated last year
- List of Awesome Red Teaming Resources☆7,160Updated last year
- Directory/File, DNS and VHost busting tool written in Go☆11,369Updated this week
- A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference☆5,063Updated last year
- Attack Surface Management Platform☆8,639Updated last month
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆6,100Updated last year
- Collection of methodology and test case for various web vulnerabilities.☆6,346Updated last month
- Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)☆7,449Updated 2 months ago
- AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.☆5,405Updated last week
- SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in …☆62,166Updated this week
- Scripted Local Linux Enumeration & Privilege Escalation Checks☆7,289Updated last year
- Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and n…☆9,732Updated last week
- Web application fuzzer☆6,137Updated 8 months ago
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl…☆22,946Updated this week
- Adversary Emulation Framework☆9,183Updated this week
- Top disclosed reports from HackerOne☆4,443Updated 3 weeks ago
- Impacket is a collection of Python classes for working with network protocols.☆14,149Updated last week
- A swiss army knife for pentesting networks☆8,668Updated last year
- "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.☆5,115Updated 2 months ago
- 🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List☆6,929Updated 9 months ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,776Updated 3 years ago
- A curated list of various bug bounty tools☆4,829Updated 3 months ago
- A collection of awesome penetration testing resources, tools and other shiny things☆22,842Updated 4 months ago
- Most advanced XSS scanner.☆13,831Updated last month
- A list of resources for those interested in getting started in bug bounties☆11,163Updated 8 months ago