1058 Open source projects that are alternatives of or similar to Sql Injection Payload List

🎯 Server Side Template Injection Payloads

🎯 XML External Entity (XXE) Injection Payload List

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

🎯 RFI/LFI Payload List

🎯 Command Injection Payload List

Payload Arsenal for Pentration Tester and Bug Bounty Hunters

Git All the Payloads! A collection of web attack payloads.

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

🎯 Open Redirect Payload List

Automated NoSQL database enumeration and web application exploitation tool.

Web path scanner

Rockyou for web fuzzing

Xss Payload Generator ~ Xss Scanner ~ Xss Dork Finder

Bad char generator to instruct encoders such as shikata-ga-nai to transform those to other chars.

Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

The purpose of this tool is to test the window10 defender protection and also other antivirus protection.

Image Payload Creating/Injecting tools

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

Making Favicon.ico based Recon Great again !

XSS Payload without Anything.

HatVenom is a HatSploit native powerful payload generation tool that provides support for all common platforms and architectures.

BugBounty Tool

Vulnerable website scraper

Metasploit custom modules, plugins, resource script and.. awesome metasploit collection

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Automated Red Team Infrastructure deployement using Docker

A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A tool to fastly get all javascript sources/files

Deliberately vulnerable scripts for Web Security training

NodeJS Red-Team Cheat Sheet

Powerfull XSS Scanning and Parameter analysis tool&gem

Loki.Rat is a fork of the Ares RAT, it integrates new modules, like recording , lockscreen , and locate options. Loki.Rat is a Python Remote Access Tool.

Damn Vulnerable Web Application (DVWA)

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

Keeping Twitter for macOS alive with code injection

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

Fully automated offensive security framework for reconnaissance and vulnerability scanning

This repository contains payload to test NoSQL Injections

Web Application Security Scanner Framework

Awesome cloud enumerator

A list of interesting payloads, tips and tricks for bug bounty hunters.

This repository contains full code examples from the book Gray Hat C#

SQL Injection Payload List

OSINT

🎯 PHP / ASP - Shell Backdoor List 🎯

平常看到好的渗透hacking工具和多领域效率工具的集合

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

Top disclosed reports from HackerOne

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set up, and utilize.

hack tools

Quick SQLMap Tamper Suggester