This website requires JavaScript.
Explore
Help
Sign In
gitea-mirror
/
PayloadsAllTheThings
Watch
1
Star
0
Fork
0
You've already forked PayloadsAllTheThings
mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced
2025-12-05 20:40:04 -08:00
Code
Issues
Packages
Projects
Releases
Wiki
Activity
1
Commit
2
Branches
7
Tags
gh-pages
Go to file
Add File
New File
Upload File
Apply Patch
Code
Clone
HTTPS
Tea CLI
Open with VS Code
Download ZIP
Download TAR.GZ
Download BUNDLE
Swk
d9e7a93d82
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
_LEARNING_AND_SOCIALS
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
_template_vuln
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Account Takeover
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
API Key Leaks
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
assets
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Brute Force Rate Limit
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Business Logic Errors
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Clickjacking
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Client Side Path Traversal
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Command Injection
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
CONTRIBUTING
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
CORS Misconfiguration
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
CRLF Injection
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Cross-Site Request Forgery
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
CSV Injection
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
CVE Exploits
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Denial of Service
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Dependency Confusion
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Directory Traversal
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
DISCLAIMER
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
DNS Rebinding
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
DOM Clobbering
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Encoding Transformations
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
External Variable Modification
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
File Inclusion
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Google Web Toolkit
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
GraphQL Injection
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Headless Browser
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Hidden Parameters
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
HTTP Parameter Pollution
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Insecure Deserialization
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Insecure Direct Object References
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Insecure Management Interface
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Insecure Randomness
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Insecure Source Code Management
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Java RMI
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
JSON Web Token
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
LaTeX Injection
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
LDAP Injection
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Mass Assignment
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Methodology and Resources
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
NoSQL Injection
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
OAuth Misconfiguration
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Open Redirect
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
ORM Leak
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Prompt Injection
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Prototype Pollution
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Race Condition
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Regular Expression
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Request Smuggling
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Reverse Proxy Misconfigurations
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
SAML Injection
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
search
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Server Side Include Injection
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Server Side Request Forgery
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Server Side Template Injection
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
SQL Injection
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Tabnabbing
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Type Juggling
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Upload Insecure Files
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Virtual Hosts
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Web Cache Deception
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Web Sockets
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
XPATH Injection
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
XSLT Injection
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
XSS Injection
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
XXE Injection
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Zip Slip
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
.nojekyll
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
404.html
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
custom.css
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
index.html
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
LICENSE
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
mkdocs.yml
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
sitemap.xml
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
sitemap.xml.gz
Deployed
ca50df2
with MkDocs version: 1.6.1
2025-11-15 16:37:37 +00:00
Description
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
bounty
bugbounty
bypass
cheatsheet
enumeration
hacking
hacktoberfest
methodology
payload
payloads
penetration-testing
pentest
privilege-escalation
redteam
security
vulnerability
web-application
MIT
48
MiB
Languages
Python
83.8%
Ruby
6.3%
ASP.NET
3.8%
XSLT
2.6%
Classic ASP
1.4%
Other
1.9%
