Backup_Repos/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings synced 2026-05-06 03:22:02 +02:00
Code Issues Projects Releases Wiki Activity

Commit graph

  • 99e17317e6
         Merge 3c96a15f58 into e961fef231 f0rk3b0mb 2026-04-28 09:12:59 +0000
  • 3c96a15f58 added ole automation command execution f0rk3b0mb 2026-04-28 12:07:54 +0300
  • a4a0bd04a9
         Merge 981a76f2fd into e961fef231 f0rk3b0mb 2026-04-28 08:57:32 +0000
  • 981a76f2fd added ole automation command execution f0rk3b0mb 2026-04-28 11:51:38 +0300
  • 40639cf2e4 added ole automation command execution f0rk3b0mb 2026-04-28 11:47:03 +0300
  • d889c59293 added ole automation command execution f0rk3b0mb 2026-04-28 11:40:56 +0300
  • bf6c2a7945
         Merge 0e308abccd into e961fef231 Ridoyp99 2026-04-24 00:43:47 +0600
  • 0e308abccd
         Update imagemagik_ghostscript_reverse_shell.jpg Ridoyp99 2026-04-24 00:43:30 +0600
  • 10b2f20535
         Merge 289573def1 into e961fef231 bootstrapbool 2026-04-23 20:08:19 +0200
  • 4f0728b3c1
         Merge e7c559056f into e961fef231 Khokamoni 2026-04-23 20:08:18 +0200
  • 06d35989e4
         Merge 3a4bf4ce7e into e961fef231 RelunSec 2026-04-23 20:08:02 +0200
  • e802810f6a
         Merge ca657b8e86 into e961fef231 dagecko 2026-04-23 20:08:02 +0200
  • 2abcef39cd
         Merge 8cc37b9597 into e961fef231 sudabg 2026-04-23 20:07:46 +0200
  • 1b3f5e5295
         Merge 647d8d189e into e961fef231 0xBassia 2026-04-23 20:07:46 +0200
  • d0b91c27ac
         Merge a522e1acf3 into e961fef231 Alexandre ZANNI 2026-04-23 20:06:22 +0200
  • 1fcedb0e3e
         Merge b02b2acc12 into e961fef231 Khokamoni 2026-04-23 07:24:48 +0000
  • 7103dadef6
         Merge b1b5e06189 into e961fef231 Siddharth Dushantha 2026-04-23 01:14:34 -0300
  • e6e8d38332 fix: generic.ci.security.bash-reverse-shell.bash_reverse_shell security vulnerability orbisai0security 2026-04-23 01:09:37 +0530
  • 2abc8e8282
         Merge e4c70e750b into e961fef231 Stjepan Jureković 2026-04-22 16:54:29 +0200
  • e4c70e750b
         Fix formatting and update book list in BOOKS.md Stjepan Jureković 2026-04-22 16:54:15 +0200
  • 78d7f393ab Deployed e961fef with MkDocs version: 1.6.1 gh-pages Swk 2026-04-22 14:05:29 +0000
  • e961fef231 Update reference date, fix format master Swissky 2026-04-22 16:04:22 +0200
  • 21ed41deef
         Added AI Agents for Offensive Security to the books Stjepan Jureković 2026-04-22 15:58:38 +0200
  • d4e6eda4ad Normalize commands, callbacks and references Swissky 2026-04-22 15:03:31 +0200
  • 940f1b2bca
         Merge 30a0ec183b into a79b1f5692 Hans-Martin Münch 2026-04-22 20:21:57 +0900
  • 5100f1ef22
         Merge 4604f7bcfb into a79b1f5692 Nguyễn Tiến Dũng 2026-04-22 20:21:57 +0900
  • a79b1f5692
         Merge pull request #839 from liuwlx/codex/csv-injection-sanitize-references Swissky 2026-04-22 13:19:14 +0200
  • 87c2862e1a
         Merge pull request #840 from liuwlx/codex/dependency-confusion-reference-dates Swissky 2026-04-22 13:18:05 +0200
  • 2b6c1267f7 docs: normalize dependency confusion reference dates lwlzxxz 2026-04-22 15:55:41 +0800
  • 06946ade2e docs: sanitize CSV injection examples and normalize references lwlzxxz 2026-04-22 15:41:05 +0800
  • c1aef9f1f8
         Merge 768bc9c037 into 3ca2ecee21 liuwl 2026-04-22 11:50:16 +0800
  • 768bc9c037 docs: add server-side parameter pollution notes lwlzxxz 2026-04-22 11:48:50 +0800
  • 3ca2ecee21 GraphQL update Swissky 2026-04-18 17:45:41 +0200
  • 289573def1 Adds base64 encoded twig payload BootstrapBool 2026-04-15 19:30:00 -0400
  • b02b2acc12
         Create README.md at Web LLM Attacks Khokamoni 2026-04-10 19:45:33 +0600
  • 10ddb7b412
         Delete Web LLM Attacks Khokamoni 2026-04-10 19:37:27 +0600
  • b01b9ec7dd
         Create Web LLM Attacks Khokamoni 2026-04-10 19:30:04 +0600
  • e7c559056f
         Create README.md Khokamoni 2026-04-10 19:15:34 +0600
  • d2976f5bb0
         Create SECURITY.md for security policy Jetti Hrushikesh 2026-04-09 18:26:13 +0530
  • 3b069f0334 PTH Web Archive Swissky 2026-04-08 23:16:30 +0200
  • a41ae2c572 Python Path File Swissky 2026-04-08 22:56:27 +0200
  • 8952c1789b Add appsec.fyi resource link Carl Sampson 2026-04-02 15:27:10 -0400
  • ca657b8e86 fix: pin 2 unpinned action(s) dagecko 2026-03-30 00:16:07 -0400
  • 3a4bf4ce7e
         Add new reference on file upload extension checks RelunSec 2026-03-29 04:09:21 -0400
  • be72f9dead
         Merge 5e68968fbe into f695b0a527 dagecko 2026-03-26 15:14:28 -0400
  • 5e68968fbe fix: pin 2 unpinned action(s) Chris Nyhuis 2026-03-26 15:14:25 -0400
  • 5654397142
         Add PayloadsAllTheThings Integration Tool (patt.py) Claude 2026-03-18 13:22:40 +0000
  • 4604f7bcfb
         Add entity HTML payload in XSS injection Nguyễn Tiến Dũng 2026-03-17 16:29:27 +0100
  • 647d8d189e Add Blockchain & Web3 Security section PentesterTN 2026-03-16 16:52:36 -0400
  • f695b0a527
         Merge pull request #824 from noraj/patch-2 Swissky 2026-03-16 14:57:15 +0100
  • 8cc37b9597 Add application-level path traversal section sudabg 2026-03-16 20:30:07 +0800
  • 8847706138
         XXE zip recompression tips Alexandre ZANNI 2026-03-16 11:49:21 +0100
  • 30a0ec183b
         Add verification section to README Hans-Martin Münch 2026-03-10 13:52:24 +0100
  • a30bb485c9
         Merge 95af3e9bfe into 497fbe925b Houssam Miliani 2026-03-09 17:48:18 +0000
  • 95af3e9bfe
         Update README.md Houssam Miliani 2026-03-09 18:46:32 +0100
  • 497fbe925b Archive external reference links via Wayback Machine Swissky 2026-03-09 13:02:28 +0100
  • 3a05ba42e6
         Merge 6c92ad76d3 into 769b300f4f samark-sec 2026-03-08 02:32:13 +0000
  • 6c92ad76d3
         Update README.md samark-sec 2026-03-08 08:02:02 +0530
  • 769b300f4f SQLi Auth Bypass fix example Swissky 2026-03-04 19:18:40 +0100
  • d8e749cdc5 Fix title error Swissky 2026-03-02 18:23:58 +0100
  • ae9c45f474 Fix markdown linter Swissky 2026-03-02 18:07:33 +0100
  • 2e32d27e47
         Merge pull request #820 from vladko312/master Swissky 2026-03-02 18:05:30 +0100
  • b60551efe9
         Fix CI/CD markdown Swissky 2026-03-02 18:04:20 +0100
  • 3051fc8115
         Fix formatting issues in SpEL section of Java.md Swissky 2026-03-02 17:58:19 +0100
  • 3c063a8616
         Fix formatting for SpEL and OGNL examples in Java.md Swissky 2026-03-02 17:57:38 +0100
  • 5c487edc05
         Change title to 'Elixir Deserialization' and update content Swissky 2026-03-02 17:52:24 +0100
  • f99fe06c2f
         Update Python.md to clarify payload compatibility Swissky 2026-03-02 17:45:36 +0100
  • 33f6da4fd7
         Merge fb0116f982 into 10d41d2e7d Heart 2026-03-02 11:52:49 +0000
  • ceb8923a13
         Merge 85af90646f into 10d41d2e7d G9-dev-real 2026-03-02 11:52:30 +0000
  • dac581547e SSTI: - Added Elixir/EEx payloads - Added OGNL payloads - Clarified SpEL payloads and details - Fixed PHP Error-Based payloads - Added Twig Error-Based payload for CVE-2022-23614 Insecure Deserialization: - Improved Python payloads vladko312 2026-02-22 21:18:54 +0300
  • 10d41d2e7d XS-Leaks Swissky 2026-02-16 17:33:43 +0100
  • 0b76ce0737 CSS Injection Swissky 2026-02-15 17:52:09 +0100
  • 66ef235835
         Merge pull request #818 from HAK3R4LIFE/master Swissky 2026-02-02 12:31:27 +0100
  • 019bd50246
         Merge pull request #819 from ocnu/patch-typo-fix Swissky 2026-02-02 12:30:49 +0100
  • cc6d580cef
         docs: fix typo in README ocnu 2026-02-01 23:51:39 -0600
  • 59d03bb7f2
         Improve clarity in 2FA bypass documentation SCPlayz7000 2026-02-01 14:32:56 -0600
  • f506455d1f
         Create WhatsApp sankupawar9313-ui 2026-01-29 07:43:12 +0530
  • c4d28aeb5d
         Add advanced WAF bypass techniques for SQL injection bad-antics 2026-01-26 11:17:47 -0800
  • 50b8eb957f
         Merge pull request #815 from pgoslatara/actup/update-actions-1768915364 Swissky 2026-01-21 18:39:35 +0100
  • 13aaddf0d2 chore: Update outdated GitHub Actions versions Padraic Slattery 2026-01-20 14:22:44 +0100
  • 7e3f2b9954 Replace Gixy-Next with dvershinin/gixy as the actively maintained fork Danila Vershinin 2026-01-11 16:02:13 +0800
  • a711494a64
         Merge pull request #812 from vladko312/master Swissky 2026-01-03 22:51:40 +0100
  • 08b5c4c868
         Unordered list style [Expected: dash; Actual: asterisk] Swissky 2026-01-03 22:50:37 +0100
  • bec6524774 SSTI: - Fixed NodeJS payloads vladko312 2026-01-03 23:19:26 +0300
  • 09a5f07345 SSI, SSTI: - Improved MarkDown vladko312 2026-01-03 22:20:19 +0300
  • 4831e36fb8
         Merge branch 'master' into master Vladislav Korchagin 2026-01-03 19:06:57 +0300
  • 45661ef925
         Merge pull request #809 from HackingRepo/patch-2 Swissky 2026-01-03 16:57:44 +0100
  • cd548698eb Reverse Proxy Misconfigurations markdown linting Swissky 2026-01-03 16:52:21 +0100
  • b890ac4c9d
         Merge pull request #813 from MegaManSec/master Swissky 2026-01-03 16:48:55 +0100
  • 2c2552d1fe
         Update Gixy-Next link in README.md Swissky 2026-01-03 16:48:14 +0100
  • abbbf2fc95 SSTI: - Fixed NodeJS payloads vladko312 2026-01-03 18:43:24 +0300
  • d345536ff4 Fix markdown linting Swissky 2026-01-03 15:47:05 +0100
  • 41f2f96509
         Merge pull request #808 from Brum3ns/master Swissky 2026-01-03 15:44:38 +0100
  • bb325561a1 add gixy-next Joshua Rogers 2026-01-03 23:33:52 +1100
  • 7fb2ff75d7 SSI: - Added SSTImap to the tools, as it now supports SSI detection and exploitation SSTI: - Added description for known detection and exploitation techniques - Added payloads for universal detection - Added universal payloads for different languages - Added Error-Based and Boolean-Based payloads - Moved SpEL payloads using T() to the correct category - Moved Pug payloads to the correct language and updated info to reflect the actual name vladko312 2026-01-03 05:20:04 +0300
  • bd72827e58 ORM leak lint + crapsecret Swissky 2026-01-02 19:46:23 +0100
  • 20ee859fa1
         Merge 7dfb6bccd1 into 39da0328b8 Pranaww 2025-12-30 06:35:31 +0000
  • 7dfb6bccd1
         Add SSRF via ESI Injection reference Pranaww 2025-12-30 12:02:43 +0530
  • e14f249e62
         Add 'Bypass With An Alias' section to README RelunSec 2025-12-24 10:42:19 -0800
  • c975f61fa0
         Fix typo in README regarding URL formatting RelunSec 2025-12-19 07:48:57 -0800