MORPH
SIGN IN SIGN UP
swisskyrepo / PayloadsAllTheThings UNCLAIMED

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

0 0 1 Python
2 branches 7 tags
https://code.morphllm.com/swisskyrepo/PayloadsAllTheThings.git
bounty bugbounty bypass cheatsheet enumeration hacking hacktoberfest methodology payload payloads penetration-testing pentest privilege-escalation redteam security vulnerability web-application
_LEARNING_AND_SOCIALS
_template_vuln
.github
Account Takeover
API Key Leaks
Brute Force Rate Limit
Business Logic Errors
Clickjacking
Client Side Path Traversal
Command Injection
CORS Misconfiguration
CRLF Injection
Cross-Site Request Forgery
CSS Injection
CSV Injection
CVE Exploits
Denial of Service
Dependency Confusion
Directory Traversal
DNS Rebinding
DOM Clobbering
Encoding Transformations
External Variable Modification
File Inclusion
Google Web Toolkit
GraphQL Injection
Headless Browser
Hidden Parameters
HTTP Parameter Pollution
Insecure Deserialization
Insecure Direct Object References
Insecure Management Interface
Insecure Randomness
Insecure Source Code Management
Java RMI
JSON Web Token
LaTeX Injection
LDAP Injection
Mass Assignment
Methodology and Resources
NoSQL Injection
OAuth Misconfiguration
Open Redirect
ORM Leak
Prompt Injection
Prototype Pollution
Race Condition
Regular Expression
Request Smuggling
Reverse Proxy Misconfigurations
SAML Injection
Server Side Include Injection
Server Side Request Forgery
Server Side Template Injection
SQL Injection
Tabnabbing
Type Juggling
Upload Insecure Files
Virtual Hosts
Web Cache Deception
Web Sockets
XPATH Injection
XS-Leak
XSLT Injection
XSS Injection
XXE Injection
Zip Slip
.gitignore
CONTRIBUTING.md
custom.css
DISCLAIMER.md
LICENSE
mkdocs.yml
README.md