Backup_Repos/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings synced 2026-04-20 14:00:54 +02:00
Code Issues Projects Releases Wiki Activity
2134 commits 2 branches 7 tags 101 MiB
Commit graph

2134 commits

This branch
This branch
All branches
Author SHA1 Message Date
vladko312
7fb2ff75d7 SSI: 
- Added SSTImap to the tools, as it now supports SSI detection and exploitation
SSTI:
- Added description for known detection and exploitation techniques
- Added payloads for universal detection
- Added universal payloads for different languages
- Added Error-Based and Boolean-Based payloads
- Moved SpEL payloads using `T()` to the correct category
- Moved Pug payloads to the correct language and updated info to reflect the actual name
 2026-01-03 05:20:04 +03:00
Swissky
bd72827e58 ORM leak lint + crapsecret 2026-01-02 19:46:23 +01:00
Swissky
39da0328b8 Indicators for deserialization 2025-12-12 11:32:33 +01:00
Swissky
ba62eed782 SQLite extensions 2025-12-07 19:52:51 +01:00
Swissky
ca50df2336 Fix markdown linting 2025-11-15 17:36:38 +01:00
Swissky
80a6b5e1d0
Merge pull request #806 from Reelix/patch-1 
Fixed missing {FILE} placeholders
 2025-11-15 11:34:17 -05:00
Swissky
e653e7c67b
Merge pull request #802 from Aaditya-Chunekar/patch-1 
hacktoberfest - Update YouTube.md with new resources
 2025-11-15 11:31:35 -05:00
Swissky
24527a5155
Merge pull request #791 from piranhaAD/patch-1 
Correcting the  Payload for xxe ssrf
 2025-11-15 11:19:05 -05:00
Swissky
832b54fd95 Syntax Highlighting SSTI 2025-11-15 17:11:42 +01:00
Swissky
5c0ee4c6d9 SQL injection hashed password + MSSQL links 2025-11-02 18:21:19 +01:00
Reelix
3359054ecf
Fixed missing {FILE} placeholders 
The bottom few options were missing the {FILE} placeholders.

This fixes them.
 2025-10-31 14:22:13 +02:00
Aaditya
9a08798848
hacktoberfest - Update YouTube.md with new resources 
Added LaurieWired and Tib3rius YouTube channels.
 2025-10-22 19:44:31 +05:30
Swissky
d49faf9874 Markdown Fix Lint 2025-10-05 18:54:42 +02:00
Swissky
0dc0978853 Brute Force and Rate Limit 2025-10-05 18:51:11 +02:00
Swissky
fc06c0e13b
Merge pull request #797 from mbiesiad/master 
Update Web Attack Surface.md
 2025-10-02 10:40:26 -04:00
Michal Biesiada
ff57c499cc
Update Web Attack Surface.md 
Missing path added /blob/main/docs/
 2025-10-02 10:50:07 +02:00
Swissky
8cf79275a6
Merge pull request #795 from cclauss/patch-1 
Upgrade GitHub Actions
 2025-10-01 12:47:14 -04:00
Christian Clauss
6409004743
Update GitHub Actions 2025-10-01 14:52:10 +02:00
Christian Clauss
707c06272f
Upgrade GitHub Actions 
* https://github.com/actions/checkout/releases
* https://github.com/actions/setup-python/releases
 2025-10-01 14:49:34 +02:00
Swissky
bd5b09a85b
Merge pull request #793 from DivInstance/chore/mkdocs-edit-link-and-readme-polish 
chore(docs): fix MkDocs edit link and polish README grammar
 2025-09-19 08:48:05 -04:00
Divyaranjan Sahoo
3be0e164ab chore(docs): fix MkDocs edit link and polish README grammar 
- Use edit/master so 'Edit this page' opens the editor
- Standardize punctuation and YouTube casing
 2025-09-19 15:13:54 +05:30
Swissky
ebf2b0d912
Merge pull request #792 from pranjalpokharel7/master 
Remove broken link for SQLite
 2025-09-13 08:15:02 -04:00
pranjalpokharel7
27e6c2aa8d Replace broken link for SQLite with archive link 2025-09-13 07:51:58 +05:45
piranha
aa85b80ace
correction of xxe ssrf payload 
remove the % from the payload as it's not a parametrized entity
 2025-09-09 19:16:45 +01:00
Swissky
b391de2117 Lint fix 2025-08-14 11:09:47 +02:00
Swissky
72df15e2e8
Merge pull request #786 from n3rada/master 
Add Velocity SSTI payloads with base64 command support
 2025-08-13 20:39:34 +02:00
n3rada
f3cdd4ff0c
fix(markdown): add blank lines around fenced code blocks to satisfy MD031 2025-08-13 18:29:00 +00:00
n3rada
d04a38a67c
refactor(template): rename Velocity payload variables for clarity 2025-08-13 18:14:47 +00:00
Swissky
2f9f87bfae
Merge pull request #777 from youknowwho-98/patch-1 
Update NoSQL.txt
 2025-08-13 16:07:06 +02:00
Swissky
0c5b7c3953
Merge pull request #774 from 1PingSun/master 
2025-04-04 Add Detecting Web Cache Deception Content
 2025-08-13 16:04:43 +02:00
Swissky
ad79082eb4
Merge pull request #784 from HackingRepo/patch-2 
Update README.md
 2025-08-13 12:54:25 +02:00
Swissky
cc670aa544 SQL injection - Fix linting errors 2025-08-13 12:07:35 +02:00
Swissky
b10a11041c
Merge pull request #790 from KadirArslan/master 
Improved Prompt Injection Section with Missing Content
 2025-08-13 12:07:13 +02:00
Swissky
81b3f85dc4
Merge pull request #776 from m14r41/patch-1 
enhancement: clarified and expanded details on Second-Order SQL Injec…
 2025-08-13 11:52:43 +02:00
Swissky
6cb0048e22
Update README.md 2025-08-13 11:52:26 +02:00
Swissky
5e0b097983 Virtual Hosts + Encoding and Transformations 2025-08-12 20:59:36 +02:00
Kadir Arslan
cc96a3566d Update README.md 2025-08-06 22:30:25 +03:00
Kadir Arslan
415bdac2c2 Update README.md 2025-08-06 21:50:33 +03:00
Swissky
cd15d85969 Rounding Errors 2025-08-03 16:32:40 +02:00
Swissky
178949896f
Merge pull request #787 from clemensGooooo/master 
Fixed several typos
 2025-07-29 19:09:56 +02:00
clemensGooooo
01a6299b08 Fix several typos 2025-07-29 15:34:52 +02:00
Swissky
ed28a07244 Fix typo in table header 2025-07-26 22:58:51 +02:00
Swissky
7faf14a960 SQL injection - Generic Bypass (Space) 2025-07-26 22:54:45 +02:00
Swissky
ac73b0c619 PDO Prepared Statements 2025-07-26 15:21:23 +02:00
Swissky
61fa0020c5 Reverse Proxy Misconfigurations 2025-07-24 14:06:52 +02:00
n3rada
edbf3386a3
Update Java.md 2025-07-21 18:33:56 +02:00
Swissky
3709358334 Sponsors table with logo and description 2025-07-19 11:05:38 +02:00
Swissky
d1b616812b Sponsors table with logo and description 2025-07-19 11:00:03 +02:00
Swissky
b9af758141 Fix markdownlint configuration 2025-07-18 14:34:03 +02:00
Swissky
aaf084e7f1 Adding SerpApi sponsor 2025-07-18 14:31:46 +02:00