Top 23 payload Open-Source Projects

• PayloadsAllTheThings

  34 57,582 8.4 Python

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Project mention: php shell not executed in wordpress | /r/hacking | 2023-12-08

Also https://github.com/swisskyrepo/PayloadsAllTheThings I'm sure there's a few test php files in here for filter bypasses too

• Scout Monitoring

  www.scoutapm.com featured

  Free Django app performance insights with Scout Monitoring. Get Scout setup in minutes, and let us sweat the small stuff. A couple lines in settings.py is all you need to start monitoring your apps. Sign up for our free tier today.

  

• xss-payload-list

  6 5,777 0.0

  🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

  

Project mention: XSS example | /r/bugbounty | 2023-06-15

Like an example XSS payload? Go nuts: https://github.com/payloadbox/xss-payload-list

• bugbounty-cheatsheet

  3 5,610 0.0

  A list of interesting payloads, tips and tricks for bug bounty hunters.

• AllAboutBugBounty

  3 5,467 3.5

  All about bug bounty (bypasses, payloads, and etc)

Project mention: How I hacked chess.com with a rookie exploit | news.ycombinator.com | 2024-01-26

Yeah, pretty close: "On-site request forgery"[0]

[0] https://github.com/daffainfo/AllAboutBugBounty/blob/master/O...

• sql-injection-payload-list

  6 4,474 0.0

  🎯 SQL Injection Payload List

  

Project mention: INTRODUCTION TO WEBSITE HACKING | dev.to | 2024-06-05

Here, the attacker has added a comment -- to bypass the password check, effectively granting them access with just the username. It's a simple yet powerful technique, and there are many more like it in the SQL Injection Payload List on GitHub. A treasure trove of malicious techniques awaits at: https://github.com/payloadbox/sql-injection-payload-list

• usbrubberducky-payloads

  18 3,642 8.2 PowerShell

  The Official USB Rubber Ducky Payload Repository

  

Project mention: Need help with BadKB. Issue with DuckyScript? | /r/flipperzero | 2023-10-30

• payloads

  1 3,527 0.0 Shell

  Git All the Payloads! A collection of web attack payloads. (by foospidy)

• InfluxDB

  www.influxdata.com featured

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• IntruderPayloads

  2 3,526 1.8 BlitzBasic

  A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

• pwndrop

  8 1,893 0.0 JavaScript

  Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.

• HackVault

  3 1,876 0.0 JavaScript

  A container repository for my public web hacks!

Project mention: What are polyglots and how to use them as a pentester | dev.to | 2023-12-03

• PoshC2

  1 1,714 0.0 PowerShell

  A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

  

• Chimera

  3 1,313 0.0 PowerShell

  Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

• pixload

  2 1,169 4.5 Perl

  Image Payload Creating/Injecting tools

• defcon27_csharp_workshop

  1 952 10.0 C#

  Writing custom backdoor payloads with C# - Defcon 27 Workshop

• Payloads

  1 840 3.7 PHP

  Payload Arsenal for Pentration Tester and Bug Bounty Hunters (by sh377c0d3)

• ssti-payloads

  1 560 0.0

  🎯 Server Side Template Injection Payloads

  

• Open-Redirect-Payloads

  1 554 10.0 Shell

  Open Redirect Payloads

• RomBuster

  1 441 6.4 Python

  RomBuster is a router exploitation tool that allows to disclosure network router admin password.

  

• AMP-Research

  1 315 3.6 C

  Research on UDP/TCP amplification vectors, payloads and mitigations against their use in DDoS Attacks

• badchars

  1 259 10.0 Python

  Bad char generator to instruct encoders such as shikata-ga-nai to transform those to other chars.

• Web_Hacking

  1 194 9.0

  Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

Project mention: Web Hacking Toolbox | news.ycombinator.com | 2023-10-05

• Metasploit-termux

  1 183 5.0 Shell

  Install Metasploit In Termux 2023, No Error, Maintained, Termux

• csv-injection-payloads

  2 170 2.1

  🎯 CSV Injection Payloads

  

• SaaSHub

  www.saashub.com featured

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

payloads related posts

• What are polyglots and how to use them as a pentester

  1 project | dev.to | 3 Dec 2023

• SC

  2 projects | /r/alphonsusswag | 6 Dec 2022

• A Summary of Fuzzing Tools and Dictionaries For Bug Bounty Hunters

  12 projects | dev.to | 15 Nov 2022

• GitHub - daffainfo/AllAboutBugBounty: All about bug bounty (bypasses, payloads, and etc)

  1 project | /r/hacking | 23 Jun 2022

• Cyber Security resources

  5 projects | dev.to | 18 Jun 2022

• Video file Reverse shell attack

  1 project | /r/hacking | 30 Jan 2022

• There are some script for automate SSTI attacks?

  1 project | /r/HowToHack | 22 Jun 2021
• A note from our sponsor - SaaSHub
  www.saashub.com | 12 Jun 2024

  SaaSHub helps you find the best software and product alternatives Learn more →

Index

Sponsored

Free Django app performance insights with Scout Monitoring

Get Scout setup in minutes, and let us sweat the small stuff. A couple lines in settings.py is all you need to start monitoring your apps. Sign up for our free tier today.

www.scoutapm.com