PayloadsAllTheThings/README.md

# Payloads All The Things
A list of useful payloads and bypasses for Web Application Security.
Feel free to improve with your payloads and techniques !
I <3 pull requests :)

All sections contain:
  - README.md - vulnerability description and how to exploit it
  - Intruders - a set of files to give to Burp Intruder
  - Some exploits

You might also like :
 - [Methodology and Resources](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/)
 - [CVE Exploits](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/CVE%20Exploits)
    - Shellshock
    - HeartBleed
    - Apache Struts 2

## Tools
* [Kali Linux](https://www.kali.org/)
* [Web Developer](https://addons.mozilla.org/en-Gb/firefox/addon/web-developer/)
* [Hackbar](https://addons.mozilla.org/en-Gb/firefox/addon/hackbar/?src=search) - Not compatible with Firefox Quantum
* [Burp Proxy](https://portswigger.net)
* [Fiddler](https://www.telerik.com/download/fiddler)
* [DirBuster](https://sourceforge.net/projects/dirbuster/)
* [GoBuster](https://github.com/OJ/gobuster)
* [Knockpy](https://github.com/guelfoweb/knock)
* [SQLmap](http://sqlmap.org)
* [Nikto](https://cirt.net/nikto2)
* [Nessus](http://www.tenable.com/products/nessus-vulnerability-scanner)
* [Recon-ng](https://bitbucket.org/LaNMaSteR53/recon-ng)
* [Wappalyzer](https://wappalyzer.com/download)
* [Metasploit](https://www.metasploit.com/)
* [OpenVAS](http://www.openvas.org/)


## Online Challenges
* [Hack The Box](hackthebox.eu/)
* [Root-Me](https://www.root-me.org)
* [Zenk-Security](https://www.zenk-security.com/epreuves.php)
* [W3Challs](https://w3challs.com/)
* [NewbieContest](https://www.newbiecontest.org/)
* [Vulnhub](https://www.vulnhub.com/)
* [The Cryptopals Crypto Challenges](https://cryptopals.com/)
* [Penetration Testing Practice Labs](http://www.amanhardikar.com/mindmaps/Practice.html)
* [alert(1) to win](https://alf.nu/alert1)
* [Hacksplaining](https://www.hacksplaining.com/exercises)
* [HackThisSite](https://hackthissite.org)
* [PentesterLab : Learn Web Penetration Testing: The Right Way](https://pentesterlab.com/)
* [Hackers.gg](hackers.gg)

## Bug Bounty
* [HackerOne](https://hackerone.com)
* [BugCrowd](https://bugcrowd.com)
* [Bounty Factory](https://bountyfactory.io)
* [List of Bounty Program](https://bugcrowd.com/list-of-bug-bounty-programs/)

## Docker
| Command     | Link |
| :------------- | :------------- |
| `docker pull remnux/metasploit` | [docker-metasploit](https://hub.docker.com/r/remnux/metasploit/) |
| `docker pull paoloo/sqlmap`     | [docker-sqlmap](https://hub.docker.com/r/paoloo/sqlmap/)         |
| `docker pull kalilinux/kali-linux-docker` | [official Kali Linux](https://hub.docker.com/r/kalilinux/kali-linux-docker/) |
| `docker pull owasp/zap2docker-stable` | [official OWASP ZAP](https://github.com/zaproxy/zaproxy) |
| `docker pull wpscanteam/wpscan`       | [official WPScan](https://hub.docker.com/r/wpscanteam/wpscan/) |
| `docker pull infoslack/dvwa`          | [Damn Vulnerable Web Application (DVWA)](https://hub.docker.com/r/infoslack/dvwa/) |
| `docker pull danmx/docker-owasp-webgoat` | [OWASP WebGoat Project docker image](https://hub.docker.com/r/danmx/docker-owasp-webgoat/) |
| `docker pull opendns/security-ninjas` | [Security Ninjas](https://hub.docker.com/r/opendns/security-ninjas/) |
| `docker pull ismisepaul/securityshepherd` | [OWASP Security Shepherd](https://hub.docker.com/r/ismisepaul/securityshepherd/) |
| `docker-compose build && docker-compose up` | [OWASP NodeGoat](https://github.com/owasp/nodegoat#option-3---run-nodegoat-on-docker) |
| `docker pull citizenstig/nowasp` | [OWASP Mutillidae II Web Pen-Test Practice Application](https://hub.docker.com/r/citizenstig/nowasp/) |
| `docker pull bkimminich/juice-shop` | [OWASP Juice Shop](https://github.com/bkimminich/juice-shop#docker-container) |


## More resources
### Book's list:
* [Web Hacking 101](https://leanpub.com/web-hacking-101)
* [OWASP Testing Guide v4](https://www.owasp.org/index.php/OWASP_Testing_Project)
* [Penetration Testing: A Hands-On Introduction to Hacking](http://amzn.to/2dhHTSn)
* [The Hacker Playbook 2: Practical Guide to Penetration Testing](http://amzn.to/2d9wYKa)
* [The Mobile Application Hacker’s Handbook](http://amzn.to/2cVOIrE)
* [Black Hat Python: Python Programming for Hackers and Pentesters](http://www.amazon.com/Black-Hat-Python-Programming-Pentesters/dp/1593275900)
* [Metasploit: The Penetration Tester's Guide](https://www.nostarch.com/metasploit)
* [The Database Hacker's Handbook, David Litchfield et al., 2005](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0764578014.html)
* [The Shellcoders Handbook by Chris Anley et al., 2007](http://www.wiley.com/WileyCDA/WileyTitle/productCd-047008023X.html)
* [The Mac Hacker's Handbook by Charlie Miller & Dino Dai Zovi, 2009](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0470395362.html)
* [The Web Application Hackers Handbook by D. Stuttard, M. Pinto, 2011](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118026470.html)
* [iOS Hackers Handbook by Charlie Miller et al., 2012](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118204123.html)
* [Android Hackers Handbook by Joshua J. Drake et al., 2014](http://www.wiley.com/WileyCDA/WileyTitle/productCd-111860864X.html)
* [The Browser Hackers Handbook by Wade Alcorn et al., 2014](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118662091.html)
* [The Mobile Application Hackers Handbook by Dominic Chell et al., 2015](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118958500.html)
* [Car Hacker's Handbook by Craig Smith, 2016](https://www.nostarch.com/carhacking)

### Blogs/Websites
* http://blog.zsec.uk/101-web-testing-tooling/
* https://blog.innerht.ml
* https://blog.zsec.uk
* https://www.exploit-db.com/google-hacking-database
* https://www.arneswinnen.net
* https://forum.bugcrowd.com/t/researcher-resources-how-to-become-a-bug-bounty-hunter/1102

### Youtube
* [Hunting for Top Bounties - Nicolas Grégoire](https://www.youtube.com/watch?v=mQjTgDuLsp4)
* [BSidesSF 101 The Tales of a Bug Bounty Hunter - Arne Swinnen](https://www.youtube.com/watch?v=dsekKYNLBbc)
* [Security Fest 2016 The Secret life of a Bug Bounty Hunter - Frans Rosén](https://www.youtube.com/watch?v=KDo68Laayh8)
* [IppSec Channel - Hack The Box Writeups](https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA)
-												CVE Heartbleed and Shellshcok added

											
										
										
											2016-10-20 02:54:29 +00:00
+								# Payloads All The Things
-												README : Bug bounty added

											
										
										
											2017-04-25 21:22:55 +00:00
+								A list of useful payloads and bypasses for Web Application Security.
-												Enumeration added and improvement for CRLF/XSS/SQL

											
										
										
											2016-11-02 13:26:00 +00:00
+								Feel free to improve with your payloads and techniques !
 								I <3 pull requests :)
-												XXE payloads

											
										
										
											2016-10-18 07:06:10 +00:00
-												Refactoring XSS 0/?

											
										
										
											2018-03-23 12:53:53 +00:00
+								All sections contain:
 								  - README.md - vulnerability description and how to exploit it
 								  - Intruders - a set of files to give to Burp Intruder
 								  - Some exploits
 								You might also like :
-												Fix README broken links

											
										
										
											2018-03-25 21:51:22 +00:00
+								 - [Methodology and Resources](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/)
 								 - [CVE Exploits](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/CVE%20Exploits)
-												Refactoring XSS 0/?

											
										
										
											2018-03-23 12:53:53 +00:00
+								    - Shellshock
 								    - HeartBleed
 								    - Apache Struts 2
 								## Tools
-												README update : more books and tools

											
										
										
											2017-04-08 13:59:40 +00:00
+								* [Kali Linux](https://www.kali.org/)
-												Update README.md

Correct misspelling.
											
										
										
											2018-03-27 16:51:39 +00:00
+								* [Web Developer](https://addons.mozilla.org/en-Gb/firefox/addon/web-developer/)
-												Update README.md

Added OpenVAS to tools
Added Hackers.gg to Online Challenges
Added note regarding Firefox Quantum and Hackbar.
											
										
										
											2018-03-27 23:55:14 +00:00
+								* [Hackbar](https://addons.mozilla.org/en-Gb/firefox/addon/hackbar/?src=search) - Not compatible with Firefox Quantum
-												XXE renamed, little updates in SQL/Include + enum

											
										
										
											2016-11-03 16:56:15 +00:00
+								* [Burp Proxy](https://portswigger.net)
 								* [Fiddler](https://www.telerik.com/download/fiddler)
 								* [DirBuster](https://sourceforge.net/projects/dirbuster/)
 								* [GoBuster](https://github.com/OJ/gobuster)
 								* [Knockpy](https://github.com/guelfoweb/knock)
 								* [SQLmap](http://sqlmap.org)
 								* [Nikto](https://cirt.net/nikto2)
-												README update : more books and tools

											
										
										
											2017-04-08 13:59:40 +00:00
+								* [Nessus](http://www.tenable.com/products/nessus-vulnerability-scanner)
-												XXE renamed, little updates in SQL/Include + enum

											
										
										
											2016-11-03 16:56:15 +00:00
+								* [Recon-ng](https://bitbucket.org/LaNMaSteR53/recon-ng)
-												Methodology added, XSS payloads updated,little fix

											
										
										
											2016-11-06 05:42:50 +00:00
+								* [Wappalyzer](https://wappalyzer.com/download)
-												README update : more books and tools

											
										
										
											2017-04-08 13:59:40 +00:00
+								* [Metasploit](https://www.metasploit.com/)
-												Update README.md

Added OpenVAS to tools
Added Hackers.gg to Online Challenges
Added note regarding Firefox Quantum and Hackbar.
											
										
										
											2018-03-27 23:55:14 +00:00
+								* [OpenVAS](http://www.openvas.org/)
-												README update : more books and tools

											
										
										
											2017-04-08 13:59:40 +00:00
-												Refactoring XSS 0/?

											
										
										
											2018-03-23 12:53:53 +00:00
+								## Online Challenges
 								* [Hack The Box](hackthebox.eu/)
 								* [Root-Me](https://www.root-me.org)
 								* [Zenk-Security](https://www.zenk-security.com/epreuves.php)
 								* [W3Challs](https://w3challs.com/)
 								* [NewbieContest](https://www.newbiecontest.org/)
 								* [Vulnhub](https://www.vulnhub.com/)
 								* [The Cryptopals Crypto Challenges](https://cryptopals.com/)
 								* [Penetration Testing Practice Labs](http://www.amanhardikar.com/mindmaps/Practice.html)
 								* [alert(1) to win](https://alf.nu/alert1)
 								* [Hacksplaining](https://www.hacksplaining.com/exercises)
 								* [HackThisSite](https://hackthissite.org)
 								* [PentesterLab : Learn Web Penetration Testing: The Right Way](https://pentesterlab.com/)
-												Update README.md

Added OpenVAS to tools
Added Hackers.gg to Online Challenges
Added note regarding Firefox Quantum and Hackbar.
											
										
										
											2018-03-27 23:55:14 +00:00
+								* [Hackers.gg](hackers.gg)
-												Refactoring XSS 0/?

											
										
										
											2018-03-23 12:53:53 +00:00
 								## Bug Bounty
 								* [HackerOne](https://hackerone.com)
 								* [BugCrowd](https://bugcrowd.com)
 								* [Bounty Factory](https://bountyfactory.io)
 								* [List of Bounty Program](https://bugcrowd.com/list-of-bug-bounty-programs/)
 								## Docker
 								| Command     | Link |
 								| :------------- | :------------- |
 								| `docker pull remnux/metasploit` | [docker-metasploit](https://hub.docker.com/r/remnux/metasploit/) |
 								| `docker pull paoloo/sqlmap`     | [docker-sqlmap](https://hub.docker.com/r/paoloo/sqlmap/)         |
 								| `docker pull kalilinux/kali-linux-docker` | [official Kali Linux](https://hub.docker.com/r/kalilinux/kali-linux-docker/) |
 								| `docker pull owasp/zap2docker-stable` | [official OWASP ZAP](https://github.com/zaproxy/zaproxy) |
 								| `docker pull wpscanteam/wpscan`       | [official WPScan](https://hub.docker.com/r/wpscanteam/wpscan/) |
 								| `docker pull infoslack/dvwa`          | [Damn Vulnerable Web Application (DVWA)](https://hub.docker.com/r/infoslack/dvwa/) |
 								| `docker pull danmx/docker-owasp-webgoat` | [OWASP WebGoat Project docker image](https://hub.docker.com/r/danmx/docker-owasp-webgoat/) |
 								| `docker pull opendns/security-ninjas` | [Security Ninjas](https://hub.docker.com/r/opendns/security-ninjas/) |
 								| `docker pull ismisepaul/securityshepherd` | [OWASP Security Shepherd](https://hub.docker.com/r/ismisepaul/securityshepherd/) |
 								| `docker-compose build && docker-compose up` | [OWASP NodeGoat](https://github.com/owasp/nodegoat#option-3---run-nodegoat-on-docker) |
 								| `docker pull citizenstig/nowasp` | [OWASP Mutillidae II Web Pen-Test Practice Application](https://hub.docker.com/r/citizenstig/nowasp/) |
 								| `docker pull bkimminich/juice-shop` | [OWASP Juice Shop](https://github.com/bkimminich/juice-shop#docker-container) |
-												README update : more books and tools

											
										
										
											2017-04-08 13:59:40 +00:00
-												Enumeration added and improvement for CRLF/XSS/SQL

											
										
										
											2016-11-02 13:26:00 +00:00
-												Refactoring XSS 0/?

											
										
										
											2018-03-23 12:53:53 +00:00
+								## More resources
 								### Book's list:
-												Update ReadMe Practice and Book + SQLi

											
										
										
											2017-02-07 08:53:48 +00:00
+								* [Web Hacking 101](https://leanpub.com/web-hacking-101)
 								* [OWASP Testing Guide v4](https://www.owasp.org/index.php/OWASP_Testing_Project)
 								* [Penetration Testing: A Hands-On Introduction to Hacking](http://amzn.to/2dhHTSn)
 								* [The Hacker Playbook 2: Practical Guide to Penetration Testing](http://amzn.to/2d9wYKa)
 								* [The Mobile Application Hacker’s Handbook](http://amzn.to/2cVOIrE)
-												README update : more books and tools

											
										
										
											2017-04-08 13:59:40 +00:00
+								* [Black Hat Python: Python Programming for Hackers and Pentesters](http://www.amazon.com/Black-Hat-Python-Programming-Pentesters/dp/1593275900)
 								* [Metasploit: The Penetration Tester's Guide](https://www.nostarch.com/metasploit)
 								* [The Database Hacker's Handbook, David Litchfield et al., 2005](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0764578014.html)
 								* [The Shellcoders Handbook by Chris Anley et al., 2007](http://www.wiley.com/WileyCDA/WileyTitle/productCd-047008023X.html)
 								* [The Mac Hacker's Handbook by Charlie Miller & Dino Dai Zovi, 2009](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0470395362.html)
 								* [The Web Application Hackers Handbook by D. Stuttard, M. Pinto, 2011](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118026470.html)
 								* [iOS Hackers Handbook by Charlie Miller et al., 2012](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118204123.html)
 								* [Android Hackers Handbook by Joshua J. Drake et al., 2014](http://www.wiley.com/WileyCDA/WileyTitle/productCd-111860864X.html)
 								* [The Browser Hackers Handbook by Wade Alcorn et al., 2014](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118662091.html)
 								* [The Mobile Application Hackers Handbook by Dominic Chell et al., 2015](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118958500.html)
 								* [Car Hacker's Handbook by Craig Smith, 2016](https://www.nostarch.com/carhacking)
-												XXE renamed, little updates in SQL/Include + enum

											
										
										
											2016-11-03 16:56:15 +00:00
-												Refactoring XSS 0/?

											
										
										
											2018-03-23 12:53:53 +00:00
+								### Blogs/Websites
-												XXE renamed, little updates in SQL/Include + enum

											
										
										
											2016-11-03 16:56:15 +00:00
+								* http://blog.zsec.uk/101-web-testing-tooling/
 								* https://blog.innerht.ml
 								* https://blog.zsec.uk
 								* https://www.exploit-db.com/google-hacking-database
-												Update ReadMe Practice and Book + SQLi

											
										
										
											2017-02-07 08:53:48 +00:00
+								* https://www.arneswinnen.net
 								* https://forum.bugcrowd.com/t/researcher-resources-how-to-become-a-bug-bounty-hunter/1102
-												fix markdown formatting, no content changes
											
										
										
											2018-03-26 13:47:44 +00:00
+								### Youtube
-												README - Youtube references

											
										
										
											2017-03-30 18:24:48 +00:00
+								* [Hunting for Top Bounties - Nicolas Grégoire](https://www.youtube.com/watch?v=mQjTgDuLsp4)
 								* [BSidesSF 101 The Tales of a Bug Bounty Hunter - Arne Swinnen](https://www.youtube.com/watch?v=dsekKYNLBbc)
 								* [Security Fest 2016 The Secret life of a Bug Bounty Hunter - Frans Rosén](https://www.youtube.com/watch?v=KDo68Laayh8)
-												Refactoring XSS 0/?

											
										
										
											2018-03-23 12:53:53 +00:00
+								* [IppSec Channel - Hack The Box Writeups](https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA)