Backup_Repos/PayloadsAllTheThings

mirror of https://github.com/swisskyrepo/PayloadsAllTheThings synced 2026-03-15 18:04:28 +01:00

Author	SHA1	Message	Date
Swissky	497fbe925b	Archive external reference links via Wayback Machine Replace direct URLs in Markdown references with their web.archive.org equivalents to prevent link rot.	2026-03-09 13:02:28 +01:00
Swissky	769b300f4f	SQLi Auth Bypass fix example	2026-03-04 19:18:40 +01:00
Swissky	d8e749cdc5	Fix title error	2026-03-02 18:23:58 +01:00
Swissky	ae9c45f474	Fix markdown linter	2026-03-02 18:07:33 +01:00
Swissky	2e32d27e47	Merge pull request #820 from vladko312/master SSTI and Insecure Deserialization improvements based on the new version of my research	2026-03-02 18:05:30 +01:00
Swissky	b60551efe9	Fix CI/CD markdown	2026-03-02 18:04:20 +01:00
Swissky	3051fc8115	Fix formatting issues in SpEL section of Java.md	2026-03-02 17:58:19 +01:00
Swissky	3c063a8616	Fix formatting for SpEL and OGNL examples in Java.md	2026-03-02 17:57:38 +01:00
Swissky	5c487edc05	Change title to 'Elixir Deserialization' and update content Updated the title and provided a brief overview of Server-Side Template Injection in Elixir.	2026-03-02 17:52:24 +01:00
Swissky	f99fe06c2f	Update Python.md to clarify payload compatibility Removed note about platform-specific payloads and added information on creating a universal payload using eval.	2026-03-02 17:45:36 +01:00
vladko312	dac581547e	SSTI: - Added Elixir/EEx payloads - Added OGNL payloads - Clarified SpEL payloads and details - Fixed PHP Error-Based payloads - Added Twig Error-Based payload for CVE-2022-23614 Insecure Deserialization: - Improved Python payloads	2026-02-22 21:18:54 +03:00
Swissky	10d41d2e7d	XS-Leaks	2026-02-16 17:33:43 +01:00
Swissky	0b76ce0737	CSS Injection	2026-02-15 17:52:09 +01:00
Swissky	66ef235835	Merge pull request #818 from HAK3R4LIFE/master Improve clarity in 2FA bypass documentation	2026-02-02 12:31:27 +01:00
Swissky	019bd50246	Merge pull request #819 from ocnu/patch-typo-fix Fix small typo in README	2026-02-02 12:30:49 +01:00
ocnu	cc6d580cef	docs: fix typo in README Corrected the spelling of commiting to committing for better readability.	2026-02-01 23:51:39 -06:00
SCPlayz7000	59d03bb7f2	Improve clarity in 2FA bypass documentation Corrected grammar and phrasing in the 2FA bypass documentation for clarity.	2026-02-01 14:32:56 -06:00
Swissky	50b8eb957f	Merge pull request #815 from pgoslatara/actup/update-actions-1768915364 chore: Update outdated GitHub Actions versions	2026-01-21 18:39:35 +01:00
Padraic Slattery	13aaddf0d2	chore: Update outdated GitHub Actions versions	2026-01-20 14:22:44 +01:00
Swissky	a711494a64	Merge pull request #812 from vladko312/master New SSTI payloads for Error-Based and Boolean-Based techniques	2026-01-03 22:51:40 +01:00
Swissky	08b5c4c868	Unordered list style [Expected: dash; Actual: asterisk]	2026-01-03 22:50:37 +01:00
vladko312	bec6524774	SSTI: - Fixed NodeJS payloads	2026-01-03 23:19:26 +03:00
vladko312	09a5f07345	SSI, SSTI: - Improved MarkDown	2026-01-03 22:20:19 +03:00
Vladislav Korchagin	4831e36fb8	Merge branch 'master' into master	2026-01-03 19:06:57 +03:00
Swissky	45661ef925	Merge pull request #809 from HackingRepo/patch-2 Update README with URL parsing examples	2026-01-03 16:57:44 +01:00
Swissky	cd548698eb	Reverse Proxy Misconfigurations markdown linting	2026-01-03 16:52:21 +01:00
Swissky	b890ac4c9d	Merge pull request #813 from MegaManSec/master add gixy-next	2026-01-03 16:48:55 +01:00
Swissky	2c2552d1fe	Update Gixy-Next link in README.md	2026-01-03 16:48:14 +01:00
vladko312	abbbf2fc95	SSTI: - Fixed NodeJS payloads	2026-01-03 18:43:24 +03:00
Swissky	d345536ff4	Fix markdown linting	2026-01-03 15:47:05 +01:00
Swissky	41f2f96509	Merge pull request #808 from Brum3ns/master Updated SSTI with novel obfuscation payloads	2026-01-03 15:44:38 +01:00
Joshua Rogers	bb325561a1	add gixy-next	2026-01-03 23:34:47 +11:00
vladko312	7fb2ff75d7	SSI: - Added SSTImap to the tools, as it now supports SSI detection and exploitation SSTI: - Added description for known detection and exploitation techniques - Added payloads for universal detection - Added universal payloads for different languages - Added Error-Based and Boolean-Based payloads - Moved SpEL payloads using `T()` to the correct category - Moved Pug payloads to the correct language and updated info to reflect the actual name	2026-01-03 05:20:04 +03:00
Swissky	bd72827e58	ORM leak lint + crapsecret	2026-01-02 19:46:23 +01:00
RelunSec	c975f61fa0	Fix typo in README regarding URL formatting	2025-12-19 07:48:57 -08:00
RelunSec	09bdd83685	Update README with URL parsing examples Added examples of URL formats and parser behaviors.	2025-12-18 23:41:37 -08:00
brumens	a957c3f96d	Fixed markdown linting	2025-12-15 11:30:06 +01:00
Swissky	39da0328b8	Indicators for deserialization	2025-12-12 11:32:33 +01:00
Swissky	ba62eed782	SQLite extensions	2025-12-07 19:52:51 +01:00
brumens	5f1a39d272	Added author to research reference	2025-12-03 14:09:02 +01:00
brumens	3cf745b90c	Added Jinja and Mako obf payloads	2025-12-03 14:07:37 +01:00
brumens	e2ce1c96dc	Added Smarty and Twig obf payload	2025-12-03 14:05:41 +01:00
brumens	7ca2ca2a75	Added Groovy and FreeMarker obf payloads	2025-12-03 13:58:49 +01:00
brumens	52daa1d820	Updated SSTI Reference	2025-12-03 13:58:27 +01:00
Swissky	ca50df2336	Fix markdown linting	2025-11-15 17:36:38 +01:00
Swissky	80a6b5e1d0	Merge pull request #806 from Reelix/patch-1 Fixed missing {FILE} placeholders	2025-11-15 11:34:17 -05:00
Swissky	e653e7c67b	Merge pull request #802 from Aaditya-Chunekar/patch-1 hacktoberfest - Update YouTube.md with new resources	2025-11-15 11:31:35 -05:00
Swissky	24527a5155	Merge pull request #791 from piranhaAD/patch-1 Correcting the Payload for xxe ssrf	2025-11-15 11:19:05 -05:00
Swissky	832b54fd95	Syntax Highlighting SSTI	2025-11-15 17:11:42 +01:00
Swissky	5c0ee4c6d9	SQL injection hashed password + MSSQL links	2025-11-02 18:21:19 +01:00

1 2 3 4 5 ...

2174 commits