weyne/PayloadsAllTheThings

Fork 0

mirror of https://github.com/weyne85/PayloadsAllTheThings.git synced 2025-10-29 16:57:02 +00:00

Go to file

swisskyrepo 8317ae4a60 PHP Include payloads

2016-10-20 09:39:06 +07:00

CRLF

CRLF Payload

2016-10-18 15:15:43 +07:00

CSV_Injection

Init directory with README

2016-10-18 15:01:56 +07:00

Open_Redirect

Open Redirect Payloads

2016-10-18 15:41:18 +07:00

PHP_Include

PHP Include payloads

2016-10-20 09:39:06 +07:00

PHP_Serialization

XXE payloads

2016-10-18 14:06:10 +07:00

RCE

MySQL Payloads

2016-10-18 13:39:17 +07:00

SQL_Injection

MySQL Payloads

2016-10-18 13:39:17 +07:00

SSRF

SSRF payloads

2016-10-18 14:54:41 +07:00

TAR_Code_Exec

Tar command exec

2016-10-18 18:36:18 +07:00

Traversal_Directory

Traversal Directory payloads

2016-10-19 07:51:24 +07:00

Upload

Upload payloads

2016-10-18 18:13:23 +07:00

XSS

XSS payloads

2016-10-19 23:39:07 +07:00

XXE

XXE payloads

2016-10-18 14:06:10 +07:00

README.md

PHP Include payloads

2016-10-20 09:39:06 +07:00

README.md

a# Payloads All The Things A list of usefull payloads and bypasses for Web Application Security

TODO:

PHP Serialization
CSV Injection

To improve:

RCE
SQL injection
XXE
SSRF
Upload
Tar command exec
Traversal Directory
XSS
PHP Include

TODO v2:

Remove "_" in dir name
Add CVE : Hearbleed and ShellShock ?

/!\ Work in Progress : 40%

Languages

Python 86.2%

Ruby 6.4%

ASP.NET 3.8%

Classic ASP 1.4%

PHP 1.3%

Other 0.8%