swisskyrepo/PayloadsAllTheThings
1
76.4k
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2026-03-27 14:51:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • bc27e467d0 Deployed f695b0a with MkDocs version: 1.6.1 gh-pages Swk 2026-03-16 13:58:02 +00:00
  • f695b0a527 Merge pull request #824 from noraj/patch-2 master Swissky 2026-03-16 14:57:15 +01:00
  • 8847706138 XXE zip recompression tips Alexandre ZANNI 2026-03-16 11:49:21 +01:00
  • 497fbe925b Archive external reference links via Wayback Machine Swissky 2026-03-09 13:02:28 +01:00
  • 769b300f4f SQLi Auth Bypass fix example Swissky 2026-03-04 19:18:40 +01:00
  • d8e749cdc5 Fix title error Swissky 2026-03-02 18:23:58 +01:00
  • ae9c45f474 Fix markdown linter Swissky 2026-03-02 18:07:33 +01:00
  • 2e32d27e47 Merge pull request #820 from vladko312/master Swissky 2026-03-02 18:05:30 +01:00
  • b60551efe9 Fix CI/CD markdown Swissky 2026-03-02 18:04:20 +01:00
  • 3051fc8115 Fix formatting issues in SpEL section of Java.md Swissky 2026-03-02 17:58:19 +01:00
  • 3c063a8616 Fix formatting for SpEL and OGNL examples in Java.md Swissky 2026-03-02 17:57:38 +01:00
  • 5c487edc05 Change title to 'Elixir Deserialization' and update content Swissky 2026-03-02 17:52:24 +01:00
  • f99fe06c2f Update Python.md to clarify payload compatibility Swissky 2026-03-02 17:45:36 +01:00
  • dac581547e SSTI: - Added Elixir/EEx payloads - Added OGNL payloads - Clarified SpEL payloads and details - Fixed PHP Error-Based payloads - Added Twig Error-Based payload for CVE-2022-23614 Insecure Deserialization: - Improved Python payloads vladko312 2026-02-22 21:18:54 +03:00
  • 10d41d2e7d XS-Leaks Swissky 2026-02-16 17:33:43 +01:00
  • 0b76ce0737 CSS Injection Swissky 2026-02-15 17:52:09 +01:00
  • 66ef235835 Merge pull request #818 from HAK3R4LIFE/master Swissky 2026-02-02 12:31:27 +01:00
  • 019bd50246 Merge pull request #819 from ocnu/patch-typo-fix Swissky 2026-02-02 12:30:49 +01:00
  • cc6d580cef docs: fix typo in README ocnu 2026-02-01 23:51:39 -06:00
  • 59d03bb7f2 Improve clarity in 2FA bypass documentation SCPlayz7000 2026-02-01 14:32:56 -06:00
  • 50b8eb957f Merge pull request #815 from pgoslatara/actup/update-actions-1768915364 Swissky 2026-01-21 18:39:35 +01:00
  • 13aaddf0d2 chore: Update outdated GitHub Actions versions Padraic Slattery 2026-01-20 14:22:44 +01:00
  • a711494a64 Merge pull request #812 from vladko312/master Swissky 2026-01-03 22:51:40 +01:00
  • 08b5c4c868 Unordered list style [Expected: dash; Actual: asterisk] Swissky 2026-01-03 22:50:37 +01:00
  • bec6524774 SSTI: - Fixed NodeJS payloads vladko312 2026-01-03 23:19:26 +03:00
  • 09a5f07345 SSI, SSTI: - Improved MarkDown vladko312 2026-01-03 22:20:19 +03:00
  • 4831e36fb8 Merge branch 'master' into master Vladislav Korchagin 2026-01-03 19:06:57 +03:00
  • 45661ef925 Merge pull request #809 from HackingRepo/patch-2 Swissky 2026-01-03 16:57:44 +01:00
  • cd548698eb Reverse Proxy Misconfigurations markdown linting Swissky 2026-01-03 16:52:21 +01:00
  • b890ac4c9d Merge pull request #813 from MegaManSec/master Swissky 2026-01-03 16:48:55 +01:00
  • 2c2552d1fe Update Gixy-Next link in README.md Swissky 2026-01-03 16:48:14 +01:00
  • abbbf2fc95 SSTI: - Fixed NodeJS payloads vladko312 2026-01-03 18:43:24 +03:00
  • d345536ff4 Fix markdown linting Swissky 2026-01-03 15:47:05 +01:00
  • 41f2f96509 Merge pull request #808 from Brum3ns/master Swissky 2026-01-03 15:44:38 +01:00
  • bb325561a1 add gixy-next Joshua Rogers 2026-01-03 23:33:52 +11:00
  • 7fb2ff75d7 SSI: - Added SSTImap to the tools, as it now supports SSI detection and exploitation SSTI: - Added description for known detection and exploitation techniques - Added payloads for universal detection - Added universal payloads for different languages - Added Error-Based and Boolean-Based payloads - Moved SpEL payloads using T() to the correct category - Moved Pug payloads to the correct language and updated info to reflect the actual name vladko312 2026-01-03 05:20:04 +03:00
  • bd72827e58 ORM leak lint + crapsecret Swissky 2026-01-02 19:46:23 +01:00
  • c975f61fa0 Fix typo in README regarding URL formatting RelunSec 2025-12-19 07:48:57 -08:00
  • 09bdd83685 Update README with URL parsing examples RelunSec 2025-12-18 23:41:37 -08:00
  • a957c3f96d Fixed markdown linting brumens 2025-12-15 11:30:06 +01:00
  • 39da0328b8 Indicators for deserialization Swissky 2025-12-12 11:32:33 +01:00
  • ba62eed782 SQLite extensions Swissky 2025-12-07 19:52:51 +01:00
  • 5f1a39d272 Added author to research reference brumens 2025-12-03 14:09:02 +01:00
  • 3cf745b90c Added Jinja and Mako obf payloads brumens 2025-12-03 14:07:37 +01:00
  • e2ce1c96dc Added Smarty and Twig obf payload brumens 2025-12-03 14:05:41 +01:00
  • 7ca2ca2a75 Added Groovy and FreeMarker obf payloads brumens 2025-12-03 13:58:49 +01:00
  • 52daa1d820 Updated SSTI Reference brumens 2025-12-03 13:58:27 +01:00
  • ca50df2336 Fix markdown linting Swissky 2025-11-15 17:36:38 +01:00
  • 80a6b5e1d0 Merge pull request #806 from Reelix/patch-1 Swissky 2025-11-15 11:34:17 -05:00
  • e653e7c67b Merge pull request #802 from Aaditya-Chunekar/patch-1 Swissky 2025-11-15 11:31:35 -05:00
  • 24527a5155 Merge pull request #791 from piranhaAD/patch-1 Swissky 2025-11-15 11:19:05 -05:00
  • 832b54fd95 Syntax Highlighting SSTI Swissky 2025-11-15 17:11:42 +01:00
  • 5c0ee4c6d9 SQL injection hashed password + MSSQL links Swissky 2025-11-02 18:21:19 +01:00
  • 3359054ecf Fixed missing {FILE} placeholders Reelix 2025-10-31 14:22:13 +02:00
  • 9a08798848 hacktoberfest - Update YouTube.md with new resources Aaditya 2025-10-22 19:44:31 +05:30
  • d49faf9874 Markdown Fix Lint Swissky 2025-10-05 18:54:42 +02:00
  • 0dc0978853 Brute Force and Rate Limit Swissky 2025-10-05 18:51:11 +02:00
  • fc06c0e13b Merge pull request #797 from mbiesiad/master Swissky 2025-10-02 10:40:26 -04:00
  • ff57c499cc Update Web Attack Surface.md Michal Biesiada 2025-10-02 10:50:07 +02:00
  • 8cf79275a6 Merge pull request #795 from cclauss/patch-1 Swissky 2025-10-01 12:47:14 -04:00
  • 6409004743 Update GitHub Actions Christian Clauss 2025-10-01 14:52:10 +02:00
  • 707c06272f Upgrade GitHub Actions Christian Clauss 2025-10-01 14:49:34 +02:00
  • bd5b09a85b Merge pull request #793 from DivInstance/chore/mkdocs-edit-link-and-readme-polish Swissky 2025-09-19 08:48:05 -04:00
  • 3be0e164ab chore(docs): fix MkDocs edit link and polish README grammar Divyaranjan Sahoo 2025-09-19 15:13:54 +05:30
  • ebf2b0d912 Merge pull request #792 from pranjalpokharel7/master Swissky 2025-09-13 08:15:02 -04:00
  • 27e6c2aa8d Replace broken link for SQLite with archive link pranjalpokharel7 2025-09-12 18:19:26 +05:45
  • aa85b80ace correction of xxe ssrf payload piranha 2025-09-09 19:16:45 +01:00
  • b391de2117 Lint fix Swissky 2025-08-14 11:09:47 +02:00
  • 72df15e2e8 Merge pull request #786 from n3rada/master Swissky 2025-08-13 20:39:34 +02:00
  • f3cdd4ff0c fix(markdown): add blank lines around fenced code blocks to satisfy MD031 n3rada 2025-08-13 18:29:00 +00:00
  • d04a38a67c refactor(template): rename Velocity payload variables for clarity n3rada 2025-08-13 18:14:47 +00:00
  • 2f9f87bfae Merge pull request #777 from youknowwho-98/patch-1 Swissky 2025-08-13 16:07:06 +02:00
  • 0c5b7c3953 Merge pull request #774 from 1PingSun/master Swissky 2025-08-13 16:04:43 +02:00
  • ad79082eb4 Merge pull request #784 from HackingRepo/patch-2 Swissky 2025-08-13 12:54:25 +02:00
  • cc670aa544 SQL injection - Fix linting errors Swissky 2025-08-13 12:07:35 +02:00
  • b10a11041c Merge pull request #790 from KadirArslan/master Swissky 2025-08-13 12:07:13 +02:00
  • 81b3f85dc4 Merge pull request #776 from m14r41/patch-1 Swissky 2025-08-13 11:52:43 +02:00
  • 6cb0048e22 Update README.md Swissky 2025-08-13 11:52:26 +02:00
  • 5e0b097983 Virtual Hosts + Encoding and Transformations Swissky 2025-08-12 20:59:36 +02:00
  • cc96a3566d Update README.md Kadir Arslan 2025-08-06 22:30:25 +03:00
  • 415bdac2c2 Update README.md Kadir Arslan 2025-08-06 21:50:33 +03:00
  • cd15d85969 Rounding Errors Swissky 2025-08-03 16:32:40 +02:00
  • 178949896f Merge pull request #787 from clemensGooooo/master Swissky 2025-07-29 19:09:56 +02:00
  • 01a6299b08 Fix several typos clemensGooooo 2025-07-29 15:34:52 +02:00
  • ed28a07244 Fix typo in table header Swissky 2025-07-26 22:58:51 +02:00
  • 7faf14a960 SQL injection - Generic Bypass (Space) Swissky 2025-07-26 22:54:45 +02:00
  • ac73b0c619 PDO Prepared Statements 4.2 Swissky 2025-07-26 15:21:23 +02:00
  • 61fa0020c5 Reverse Proxy Misconfigurations Swissky 2025-07-24 14:06:52 +02:00
  • edbf3386a3 Update Java.md n3rada 2025-07-21 18:33:56 +02:00
  • 3709358334 Sponsors table with logo and description Swissky 2025-07-19 11:05:38 +02:00
  • d1b616812b Sponsors table with logo and description Swissky 2025-07-19 11:00:03 +02:00
  • b9af758141 Fix markdownlint configuration Swissky 2025-07-18 14:34:03 +02:00
  • aaf084e7f1 Adding SerpApi sponsor Swissky 2025-07-18 14:31:46 +02:00
  • 2c1d30dd1e Update README.md Anonymous ethc4 2025-07-16 11:20:25 -04:00
  • dc33caaceb Merge pull request #781 from stenzzor/patch-1 Swissky 2025-07-10 10:26:03 +02:00
  • d168dedaa3 Update README.md stën 2025-07-09 19:04:51 +04:00
  • 3fd2f8c481 Headless Browser + JSON Jackson Swissky 2025-07-02 22:23:13 +02:00
  • aaf6bdf394 Merge pull request #779 from florianamette/patch-1 Swissky 2025-05-22 22:32:26 +02:00
  • eca827005a Update Generic_TimeBased.txt F4K 2025-05-22 11:44:06 +02:00
  • bb8cab1ea3 Update Source Code Management Links Swissky 2025-05-10 22:04:38 +02:00