Packages and Binaries:

payloadsallthethings

A list of useful payloads and bypasses for Web Application Security and Pentest/CTF.

Installed size: 7.52 MB
How to install: sudo apt install payloadsallthethings

  • kali-defaults
payloadsallthethings
[email protected]:~# payloadsallthethings -h

> payloadsallthethings ~ Collection of useful payloads and bypasses

/usr/share/payloadsallthethings
|-- AWS\ Amazon\ Bucket\ S3
|-- CRLF\ Injection
|-- CSRF\ Injection
|-- CSV\ Injection
|-- CVE\ Exploits
|-- Command\ Injection
|-- Directory\ Traversal
|-- File\ Inclusion
|-- GraphQL\ Injection
|-- Insecure\ Deserialization
|-- Insecure\ Direct\ Object\ References
|-- Insecure\ Management\ Interface
|-- Insecure\ Source\ Code\ Management
|-- JSON\ Web\ Token
|-- LDAP\ Injection
|-- LaTeX\ Injection
|-- Methodology\ and\ Resources
|-- NoSQL\ Injection
|-- OAuth
|-- Open\ Redirect
|-- SAML\ Injection
|-- SQL\ Injection
|-- Server\ Side\ Request\ Forgery
|-- Server\ Side\ Template\ Injection
|-- Type\ Juggling
|-- Upload\ Insecure\ Files
|-- Web\ Cache\ Deception
|-- Web\ Sockets
|-- XPATH\ Injection
|-- XSS\ Injection
|-- XXE\ Injection
`-- _template_vuln

Updated on: 2022-May-04