Exploitation Tools

PayloadsAllTheThings – List Of Payloads, WebApp Security Bypass And Pentest/CTF

PayloadsAllTheThings - A List Of Useful Payloads And Bypass For Web Application Security And Pentest/CTF


A list of useful payloads and bypasses for Web Application Security. Feel free to improve with your payloads and techniques !

Every section contains the following files, you can use the _template_vuln folder to create a new chapter:

  • README.md – vulnerability description and how to exploit it
  • Intruder – a set of files to give to Burp Intruder
  • Images – pictures for the README.md
  • Files – some files referenced in the README.md

You might also like the Methodology and Resources folder :

You want more ? Check the Books and Youtube videos selections.

About the author

Mazen Elzanaty

Add Comment

Click here to post a comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: