Home

Repository of useful payloads and tips for pentesting/bug bounty.
WEB IN CONTINUOUS UPDATE
I want to warn that I am not the owner of the information on this website, most of the tricks and payloads collected are from other websites and the content belongs to them. At the end of this page you have a compilation of resources where I have got information / tips for this repository.
If you want to contact me you can do it both on Twitter and Telegram.
If you want to contribute to this repository, you can do it by contacting me or making a PR to GitHub. The people who have contributed to the creation / maintenance of this wiki are listed below.
Contributors
(BE THE FIRST ONE)
Thanks to all contributors and thanks to the owners of the websites where I have been able to gather all this information.
Resources used
GitHub - swisskyrepo/PayloadsAllTheThings: A list of useful payloads and bypass for Web Application Security and Pentest/CTF
GitHub
PayloadAllTheThings
HackTricks
HackTricks
HackTricks
/home/six2dez/.pentest-book
Pentest Book
Six2dex Pentest Book
TL;DR
AWAE - OSWE Preparation / Resources
JorgeCTF Resources
pentestmonkey | Taking the monkey work out of pentesting
Pentest Monkey
Security Blog
Security Blog
Morph3 Blog
GitHub - s0md3v/AwesomeXSS: Awesome XSS stuff
GitHub
S0md3v - Awesome XSS
​

Next - WEB ATTACKS

Misc

Last modified 8mo ago