PayloadsAllTheThings

wanderer/PayloadsAllTheThings

Fork 0

mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2025-12-29 10:31:40 +01:00

Commit Graph

Select branches

Hide Pull Requests

gh-pages

master

#10

#100

#101

#102

#103

#105

#106

#107

#108

#109

#110

#111

#112

#113

#114

#115

#116

#117

#118

#119

#120

#121

#122

#123

#124

#125

#127

#128

#129

#13

#130

#131

#132

#134

#135

#136

#137

#138

#139

#142

#143

#145

#146

#148

#149

#15

#150

#151

#152

#154

#155

#156

#157

#158

#159

#162

#163

#164

#165

#166

#167

#169

#17

#171

#172

#173

#174

#175

#176

#178

#179

#18

#180

#181

#182

#183

#186

#187

#188

#19

#190

#191

#192

#193

#196

#197

#198

#2

#20

#200

#201

#202

#204

#206

#207

#208

#209

#21

#210

#213

#214

#215

#216

#217

#218

#219

#22

#220

#221

#223

#224

#225

#226

#227

#229

#23

#230

#231

#233

#234

#235

#236

#237

#238

#239

#24

#240

#241

#242

#243

#244

#246

#247

#248

#249

#25

#250

#251

#253

#254

#255

#257

#258

#259

#26

#260

#261

#262

#263

#264

#265

#266

#267

#268

#269

#27

#270

#271

#272

#273

#274

#275

#276

#277

#278

#279

#28

#280

#281

#282

#283

#284

#285

#287

#288

#289

#29

#290

#291

#292

#293

#294

#296

#297

#3

#30

#302

#304

#305

#306

#307

#308

#309

#310

#311

#312

#313

#314

#315

#316

#319

#32

#320

#322

#323

#324

#325

#326

#327

#328

#329

#330

#331

#332

#333

#334

#335

#336

#338

#339

#34

#341

#343

#345

#346

#348

#349

#35

#350

#351

#352

#353

#354

#355

#356

#358

#36

#360

#361

#362

#365

#366

#367

#37

#370

#371

#374

#375

#376

#377

#378

#379

#38

#381

#383

#384

#386

#387

#388

#389

#39

#395

#396

#397

#398

#399

#40

#400

#401

#402

#403

#404

#405

#406

#407

#408

#409

#41

#410

#411

#412

#413

#414

#415

#416

#417

#418

#419

#42

#420

#421

#422

#423

#424

#425

#426

#427

#428

#429

#43

#430

#431

#432

#433

#434

#435

#436

#437

#438

#439

#44

#440

#441

#442

#443

#444

#445

#446

#447

#448

#449

#45

#450

#451

#452

#453

#454

#455

#456

#457

#458

#46

#460

#461

#462

#463

#464

#465

#466

#467

#468

#469

#47

#470

#471

#472

#473

#474

#475

#476

#477

#478

#479

#48

#480

#481

#482

#483

#484

#485

#486

#487

#488

#489

#49

#490

#491

#492

#493

#494

#495

#496

#497

#498

#499

#50

#500

#501

#502

#503

#504

#505

#506

#507

#508

#509

#510

#511

#512

#513

#514

#515

#516

#517

#518

#519

#52

#520

#521

#522

#523

#524

#525

#526

#527

#528

#529

#53

#530

#531

#532

#533

#534

#535

#536

#537

#538

#539

#54

#540

#541

#541

#542

#543

#544

#545

#546

#547

#548

#549

#55

#550

#551

#552

#553

#554

#555

#556

#557

#558

#559

#56

#560

#561

#562

#563

#564

#565

#566

#567

#568

#569

#57

#570

#571

#572

#573

#574

#575

#576

#577

#578

#579

#58

#580

#580

#581

#582

#583

#584

#585

#586

#587

#588

#589

#590

#591

#592

#593

#594

#595

#596

#597

#598

#599

#6

#60

#600

#601

#602

#603

#604

#604

#605

#606

#607

#608

#609

#61

#610

#611

#612

#613

#614

#615

#616

#617

#618

#619

#62

#620

#621

#622

#623

#624

#625

#626

#627

#628

#629

#63

#630

#631

#631

#632

#633

#634

#635

#636

#637

#638

#639

#64

#640

#641

#642

#643

#644

#645

#646

#647

#648

#649

#65

#650

#651

#652

#653

#654

#655

#655

#656

#657

#658

#659

#66

#660

#661

#662

#663

#664

#665

#666

#667

#668

#669

#67

#670

#671

#672

#673

#674

#675

#676

#677

#677

#678

#679

#680

#681

#682

#683

#684

#685

#686

#687

#688

#689

#690

#691

#692

#693

#694

#695

#696

#697

#698

#699

#7

#70

#700

#701

#702

#703

#704

#705

#706

#706

#707

#708

#709

#71

#710

#711

#712

#713

#714

#715

#716

#717

#718

#719

#719

#72

#720

#720

#721

#722

#723

#724

#725

#726

#727

#728

#729

#73

#730

#731

#732

#733

#734

#735

#736

#737

#738

#739

#740

#740

#741

#741

#742

#743

#744

#745

#746

#747

#748

#749

#75

#750

#751

#752

#753

#754

#755

#756

#757

#758

#759

#76

#760

#761

#762

#763

#764

#765

#766

#767

#768

#769

#770

#771

#772

#773

#774

#775

#775

#776

#777

#778

#779

#780

#781

#782

#783

#784

#785

#786

#787

#788

#789

#79

#790

#791

#792

#793

#794

#795

#796

#797

#798

#799

#799

#8

#8

#800

#801

#802

#803

#804

#805

#806

#807

#807

#808

#808

#809

#809

#810

#810

#82

#83

#85

#86

#87

#88

#92

#93

#94

#96

#97

#98

#99

1.0

2.0

2.1

3.0

4.0

4.1

4.2

8adf5948f9

fix markdown formatting, no content changes jose nazario 2018-03-26 09:47:44 -0400
e6b5dfa3de Fix README broken links Swissky 2018-03-25 23:51:22 +0200
d1f6e8397d Refactoring XSS 0/? Swissky 2018-03-23 13:53:53 +0100
30019235f8 SQLmap tips + Active Directory attacks + SQLite injections Swissky 2018-03-12 09:17:31 +0100
70f38d5678 Payloads - Quick fix Swissky 2018-02-23 13:48:51 +0100
b87c3fd7ff Traversal Dir + NoSQL major updates + small addons Swissky 2018-02-15 23:27:42 +0100
40fa20ec63

Merge pull request #13 from soffensive/master Swissky 2018-01-26 20:14:51 +0100
4892dc6577 Further payload added soffensive 2018-01-26 13:31:52 +0100
be12684bc0 Added payload to detect more reliably blind NoSQL injection soffensive 2018-01-26 13:28:57 +0100
3793d91fd4 Mimikatz + Credential Windows + XXE update Swissky 2017-12-06 20:40:29 +0100
2c048f7b52 SSRF Ip script + DDL & Execute Windows Swissky 2017-11-24 09:57:48 +0100
fea88a5738 SVG XSS + SSRF enclosed alphanumerics Swissky 2017-11-19 14:01:36 +0100
f740d8e825 MySQL - Code exec Swissky 2017-11-09 09:05:50 +0100
edd5f3601f File inclusion - more intruders Swissky 2017-10-21 16:48:17 +0200
6b1c98010d Merge pull request #10 from melvinsh/master Swissky 2017-10-16 09:55:31 +0200
59971e95d2 Add CSRF to OAuth2 Melvin Lammerts 2017-10-16 08:41:43 +0200
d16aec6f6a Tomcat CVE-2017-12617 Swissky 2017-10-10 10:19:14 +0200
a2d5fe5cad Upload .htaccess to PHP code exec Swissky 2017-10-09 23:17:31 +0200
6ad7965efc SSRF AWS + Shell.php{3,4,5,7} Swissky 2017-09-27 14:37:07 +0200
87ef554e40 LFI to RCE via input:// stream Swissky 2017-09-24 00:37:56 +0200
3e6043be32 LFI - PHPSessid technique, more bypass and files Swissky 2017-09-24 00:32:55 +0200
278a130940 Command Exec - ``, $() and more bypasses Swissky 2017-09-23 23:30:40 +0200
e7cb8a2ce1 SSRF - Gopher Protocol Swissky 2017-09-19 20:35:18 +0200
1ca215d5d7 Multiple update - LFI/RCE via phpinfo, Struts2 v2 Swissky 2017-09-13 23:55:29 +0200
78b958604f Merge 579b3c2d371aefee13f1617465b6754b415d4a38 into c36d31ec5df953f1c1a01ea79ea9be0ebc8ecfaf unl1k3ly 2017-08-28 07:01:44 +0000
c36d31ec5d LFI via /proc/*/fd + upload Swissky 2017-08-15 02:37:09 +0200
901d279fb3 RCE no {}, no space Swissky 2017-08-13 16:35:12 +0200
9adb81e6d8 SSRF URL Scheme + XXE Soap Swissky 2017-08-07 21:42:14 +0200
91e3c6906c Merge pull request #7 from rakeshmane/master Swissky 2017-08-07 19:29:35 +0200
6e42b617cc Update README.md Rakesh Mane 2017-08-07 21:22:36 +0530
dad26ce5e5 More Burp Intruder file - SQLi + Path traversal + XSS Swissky 2017-08-06 01:12:41 +0200
694b980817 Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings Swissky 2017-08-03 21:36:38 +0200
635b9f87f7 Reverse Shell Cheatsheet Swissky 2017-08-03 21:35:43 +0200
9c9e1cc082 Merge pull request #6 from unl1k3ly/patch-1 Swissky 2017-08-01 11:43:12 +0200
be624c99ca Update README.md unl1k3ly 2017-08-01 08:37:04 +1000
af48fc1ed4 More intruders folder - for BurpSuite Swissky 2017-07-30 13:42:32 +0200
8a3693855f XSS Intruder + Eicar + SSRF http://0 Swissky 2017-07-30 13:17:00 +0200
064467ecfc SSTI + XSS Flash Swissky 2017-07-16 16:30:08 +0200
77e2fc8226 LDAP & XPATH injection + Small fixes and payloads Swissky 2017-07-14 23:40:31 +0200
9907a55c24 Image Magick - More payloads Swissky 2017-07-09 17:16:42 +0200
c4b49fa5ac Open Redirect Payloads updated Swissky 2017-07-06 21:02:19 +0200
6070ece522 Symbolic Link Zip + SQL injection ORDER BY Swissky 2017-07-04 23:17:59 +0200
a1fbd41bbb Wrapper PHP inclusion updated Swissky 2017-07-02 23:10:34 +0200
ab63a537e7 FFMpeg injection - Bypass and explanation Swissky 2017-06-28 22:45:36 +0200
240e46e1e1 XXE via DTD and PHP Filter Swissky 2017-06-28 21:43:30 +0200
43f8367df0 Update Image Tragick payloads Swissky 2017-06-28 10:33:57 +0200
220e9cb8bd FFMpeg HLS - read passwd/shadow Swissky 2017-06-26 21:32:10 +0200
579b3c2d37 Merge pull request #1 from swisskyrepo/master unl1k3ly 2017-06-19 15:33:09 +1000
d97cb891df AWS Bucket : Listings open bucket/reading and access Swissky 2017-06-18 18:42:12 +0200
f131aebce4 SSRF updates and methodology aquatone tool Swissky 2017-06-17 23:20:24 +0200
7c865ab8aa CVE Struts RCE + AWS ls + RCE spaceless Windows + Methodology updated Swissky 2017-06-05 14:57:28 +0200
2e75cbe25a Git insecure files renamed + svn method added Swissky 2017-06-04 17:58:09 +0200
94470a2544 More payloads for XSS/SQL/LFI/Upload and XXE Swissky 2017-06-04 17:22:26 +0200
58aed12c9d CRLF injection updated Swissky 2017-05-29 20:41:05 +0200
e89e4fd312 Methodology updated with RPCClient, User enumeration Swissky 2017-05-17 20:40:45 +0200
62f686dc1f Methodology updated - Dorks, Subdomains, Nmap Swissky 2017-05-01 22:40:36 +0200
00be7d958c README : Bug bounty added Swissky 2017-04-25 23:22:55 +0200
85b62cee39 README update : more books and tools Swissky 2017-04-08 15:59:40 +0200
d21dcdd463 Merge pull request #3 from sokaRepo/master Swissky 2017-04-01 17:57:12 +0200
bb98bd9339 Add Template injections + Jinja template injection Soka 2017-04-01 18:53:43 +0300
76b15d575e Add Template injections + Jinja template injection Soka 2017-04-01 18:48:44 +0300
b57c7c9e3d README - Youtube references Swissky 2017-03-30 20:24:48 +0200
9211d40871 Methodology - The Harvester + Checklist v2 Swissky 2017-03-30 20:20:52 +0200
7e739b02ad Methodology - The Harvester + Checklist Swissky 2017-03-26 20:51:40 +0200