PayloadsAllTheThings

Web security testing toolkit

A comprehensive collection of tools and techniques for web application security testing and exploitation

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

GitHub

62k stars
2k watching
15k forks
Language: Python
last commit: 4 days ago
Linked from 7 awesome lists

bountybugbountybypasscheatsheetenumerationhackinghacktoberfestmethodologypayloadpayloadspenetration-testingpentestprivilege-escalationredteamsecurityvulnerabilityweb-application

Backlinks from these awesome lists:

Related projects:

Repository Description Stars
autistic-symposium/sec-pentesting-toolkit A comprehensive collection of security tools and resources for pentesting and cybersecurity research 166
postrequest/link A Rust framework providing implants and tools for command-and-control operations in penetration testing 563
0xsobky/hackvault A container repository for storing and sharing public web hacking techniques and tools. 1,951
1n3/intruderpayloads A collection of tools and methodologies for testing web applications 3,689
esser50k/eviltwinframework A framework for simulating evil twin Wi-Fi attacks and exploiting vulnerabilities for pentesting purposes. 280
palindromelabs/stews A tool suite for security testing of WebSockets 336
ivan-sincek/penetration-testing-cheat-sheet A comprehensive resource for penetration testing and vulnerability assessment 665
jhwohlgemuth/zsh-pentest A plugin for the oh-my-zsh shell that provides a set of aliases and functions for performing penetration testing tasks. 64
mik0w/pallms A collection of payloads designed to exploit vulnerabilities in large language models. 67
portswigger/crypto-attacker A collection of tools and scripts for penetration testing and vulnerability assessment of web applications. 2
payloadbox/open-redirect-payload-list A list of examples and explanations for protecting against open redirect vulnerabilities in web applications. 534
sinfulz/justtryharder A cheat sheet and resource collection for learning and practicing penetration testing and exploit development 795
swisskyrepo/vulny-code-static-analysis A script to detect vulnerabilities in PHP source code using static analysis and regular expressions. 397
1n3/sn1per Automates vulnerability scanning and discovery across an organization's entire attack surface 8,155
koutto/jok3r An automation framework for network and web security testing and exploitation. 1,031