SaaSHub helps you find the best software and product alternatives Learn more →
Top 23 payload Open-Source Projects
-
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
-
Scout Monitoring
Free Django app performance insights with Scout Monitoring. Get Scout setup in minutes, and let us sweat the small stuff. A couple lines in settings.py is all you need to start monitoring your apps. Sign up for our free tier today.
-
-
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
-
pwndrop
Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.
-
PoshC2
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
-
Chimera
Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
-
-
RomBuster
RomBuster is a router exploitation tool that allows to disclosure network router admin password.
-
AMP-Research
Research on UDP/TCP amplification vectors, payloads and mitigations against their use in DDoS Attacks
-
badchars
Bad char generator to instruct encoders such as shikata-ga-nai to transform those to other chars.
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Also https://github.com/swisskyrepo/PayloadsAllTheThings I'm sure there's a few test php files in here for filter bypasses too
Like an example XSS payload? Go nuts: https://github.com/payloadbox/xss-payload-list
Yeah, pretty close: "On-site request forgery"[0]
[0] https://github.com/daffainfo/AllAboutBugBounty/blob/master/O...
Here, the attacker has added a comment -- to bypass the password check, effectively granting them access with just the username. It's a simple yet powerful technique, and there are many more like it in the SQL Injection Payload List on GitHub. A treasure trove of malicious techniques awaits at: https://github.com/payloadbox/sql-injection-payload-list
payloads discussion
payloads related posts
-
What are polyglots and how to use them as a pentester
-
SC
-
A Summary of Fuzzing Tools and Dictionaries For Bug Bounty Hunters
-
GitHub - daffainfo/AllAboutBugBounty: All about bug bounty (bypasses, payloads, and etc)
-
Cyber Security resources
-
Video file Reverse shell attack
-
There are some script for automate SSTI attacks?
-
A note from our sponsor - SaaSHub
www.saashub.com | 12 Jun 2024
Index
What are some of the best open-source payload projects? This list will help you:
Project | Stars | |
---|---|---|
1 | PayloadsAllTheThings | 57,582 |
2 | xss-payload-list | 5,777 |
3 | bugbounty-cheatsheet | 5,610 |
4 | AllAboutBugBounty | 5,467 |
5 | sql-injection-payload-list | 4,474 |
6 | usbrubberducky-payloads | 3,642 |
7 | payloads | 3,527 |
8 | IntruderPayloads | 3,526 |
9 | pwndrop | 1,893 |
10 | HackVault | 1,876 |
11 | PoshC2 | 1,714 |
12 | Chimera | 1,313 |
13 | pixload | 1,169 |
14 | defcon27_csharp_workshop | 952 |
15 | Payloads | 840 |
16 | ssti-payloads | 560 |
17 | Open-Redirect-Payloads | 554 |
18 | RomBuster | 441 |
19 | AMP-Research | 315 |
20 | badchars | 259 |
21 | Web_Hacking | 194 |
22 | Metasploit-termux | 183 |
23 | csv-injection-payloads | 170 |