Alternatives and similar repositories for payloads:

Users that are interested in payloads are comparing it to the libraries listed below

• merttasci / weapons4pentester
  this repo contains required files for web application pentests
  ☆186Updated 8 years ago
• cujanovic / CRLF-Injection-Payloads
  Payloads for CRLF Injection
  ☆224Updated 5 months ago
• zseano / JS-Scan
  a .js scanner, built in php. designed to scrape urls and other info
  ☆213Updated 7 years ago
• appsecco / practical-recon-levelup0x02
  This repository contains all the material from the talk "Practical recon techniques for bug hunters & pentesters" given at Bugcrowd Level…
  ☆60Updated 6 years ago
• emadshanab / facebook-bug-bounty-writeups
  Facebook Bug Bounties
  ☆102Updated 4 years ago
• meliht / TaktikselBugHunting
  Taktiksel Bug Hunting Yöntemleri
  ☆42Updated 7 years ago
• securityidiots / CollabOzark
  CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.
  ☆137Updated 5 years ago
• ZephrFish / Wordlists
  Various Payload wordlists
  ☆235Updated 4 years ago
• ahmetgurel / Pentest-Hints
  Tips for Penetration Testing
  ☆107Updated last year
• secdec / attack-surface-detector-burp
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆101Updated last year
• hahwul / XSS-Payload-without-Anything
  XSS Payload without Anything.
  ☆103Updated 5 years ago
• zseano / InputScanner
  ☆241Updated 6 years ago
• JGillam / burp-paramalyzer
  Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.
  ☆154Updated last week
• tcpiplab / Web-App-Hacking-Notes
  Notes I've taken while working through various web app pentesting labs.
  ☆92Updated 6 years ago
• Dhamuharker / Xss-
  Awesome XSS Payloads
  ☆84Updated 9 years ago
• dubs3c / Injectus
  CRLF and open redirect fuzzer
  ☆112Updated 3 years ago
• jhaddix / XSS.png
  A XSS mind map ;)
  ☆86Updated 8 years ago
• incogbyte / jsearch
  ☆29Updated 3 years ago
• daeken / SSRFTest
  SSRF testing tool
  ☆244Updated 2 years ago
• JordyZomer / autoSubTakeover
  A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking ou…
  ☆132Updated last year
• shivsahni / NSBrute
  Python utility to takeover domains vulnerable to AWS NS Takeover
  ☆86Updated 2 years ago
• MichaelStott / CRLF-Injection-Scanner
  Command line tool for testing CRLF injection on a list of domains.
  ☆161Updated 11 months ago
• merttasci / csrf-poc-generator
  this html file creates a csrf poc form to any http request.
  ☆271Updated 2 years ago
• rastating / dnmasscan
  A script that can resolve an input file of domains and scan them with masscan
  ☆157Updated 4 years ago
• nahamsec / SundayStreams
  Data from my Sunday streams
  ☆74Updated 5 years ago
• tijme / angularjs-csti-scanner
  Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.
  ☆312Updated 3 years ago
• mystech7 / Burp-Hunter
  XSS Hunter Burp Plugin
  ☆149Updated 6 years ago
• random-robbie / bugbountydork
  Bug Bounty Dork
  ☆71Updated 3 years ago
• R0X4R / D4rkXSS
  A list of useful payloads and Bypass for Web Application Security and Bug Bounty/CTF
  ☆166Updated 5 years ago
• BitTheByte / BitBlinder
  BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities
  ☆111Updated last year