PayloadsAllTheThings

Web security testing toolkit

A comprehensive collection of tools and techniques for web application security testing and exploitation

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

GitHub

61k stars
2k watching
15k forks
Language: Python
last commit: 5 days ago
Linked from 7 awesome lists

bountybugbountybypasscheatsheetenumerationhackinghacktoberfestmethodologypayloadpayloadspenetration-testingpentestprivilege-escalationredteamsecurityvulnerabilityweb-application

Backlinks from these awesome lists:

Related projects:

Repository Description Stars
autistic-symposium/sec-pentesting-toolkit A comprehensive collection of security resources and tools for pentesting and reverse engineering 162
postrequest/link A Rust framework providing implants and tools for command-and-control operations in penetration testing 563
0xsobky/hackvault A container repository for storing and sharing public web hacking techniques and tools. 1,948
1n3/intruderpayloads A collection of tools and methodologies for web application testing and vulnerability assessment. 3,686
esser50k/eviltwinframework A framework for simulating evil twin Wi-Fi attacks and exploiting vulnerabilities for pentesting purposes. 278
palindromelabs/stews A tool suite for security testing of WebSockets 334
ivan-sincek/penetration-testing-cheat-sheet A comprehensive resource for penetration testing and vulnerability assessment 660
jhwohlgemuth/zsh-pentest A plugin for the oh-my-zsh shell that provides a set of aliases and functions for performing penetration testing tasks. 63
mik0w/pallms A collection of payloads designed to exploit vulnerabilities in large language models. 64
portswigger/crypto-attacker A collection of tools and scripts for penetration testing and vulnerability assessment of web applications. 2
payloadbox/open-redirect-payload-list A list of examples and explanations for protecting against open redirect vulnerabilities in web applications. 533
sinfulz/justtryharder A cheat sheet and resource collection for learning and practicing penetration testing and exploit development 796
swisskyrepo/vulny-code-static-analysis A script to detect vulnerabilities in PHP source code using static analysis and regular expressions. 398
1n3/sn1per Automates vulnerability scanning and discovery across an organization's entire attack surface 8,140
koutto/jok3r An automation framework for network and web security testing and exploitation. 1,030