pwny.cc
  • Home
  • SO
    • AI
      • Evasion
        • Exercise 1
        • Exercise 2
        • Exercise 3
        • Exercise 4
    • Android
      • adb
      • apktool
      • burp suite
      • dns spoofing
      • frida
      • intent
      • jadx
      • JNI
      • objection
      • tcpdump
      • webview
    • iOS
      • objection
    • Linux
      • Internal Recon
      • Bypasses
      • Network
      • Exfiltration
      • Containers
      • Iptables
    • Windows
      • Internal Recon
      • External Recon
      • Bypasses
      • Network
      • Exfiltration
  • SHELLS
    • Misc
    • Web Shells
    • Reverse Shells
    • Obfuscated Shells
  • WEB ATTACKS
    • Misc
    • Command Injection
    • Cross-Site Scripting (XSS)
      • XSS Tips
      • WAF Bypasses
    • Insecure Direct Object Reference (IDOR)
    • Insecure File Upload
    • Local File Inclusion (LFI)
      • Bypass Techniques
      • LFI to RCE
    • OAuth
    • Open Redirect
      • Open Redirect to XSS
    • Server Side Request Forgery (SSRF)
    • Server Side Template Injection (SSTI)
    • SQL Injection (SQLi)
      • SQLMap
      • MySQL
      • MSSQL
      • Oracle
      • PostgreSQL
    • XML External Entity (XXE)
  • OTHER
    • Cracking
      • Hashcat
      • John the Ripper
    • Sandbox Escape
Powered by GitBook
On this page
  • Contributors
  • Resources used

Was this helpful?

Home

NextAI

Last updated 2 years ago

Was this helpful?

Repository of useful payloads and tips for pentesting/bug bounty.

WEB IN CONTINUOUS UPDATE

I want to warn that I am not the owner of the information on this website, most of the tricks and payloads collected are from other websites and the content belongs to them. At the end of this page you have a compilation of resources where I have got information / tips for this repository.

Contributors

(BE THE FIRST ONE)

Thanks to all contributors and thanks to the owners of the websites where I have been able to gather all this information.

Resources used

If you want to contact me you can do it both on and .

If you want to contribute to this repository, you can do it by contacting me or making a PR to . The people who have contributed to the creation / maintenance of this wiki are listed below.

Twitter
Telegram
GitHub
LogoTL;DRAWAE - OSWE Preparation / Resources
JorgeCTF Resources
Logo/home/six2dez/.pentest-bookPentest Book
Six2dex Pentest Book
HackTricks
LogoHackTricksHackTricks
pentestmonkey | Taking the monkey work out of pentesting
Pentest Monkey
PayloadAllTheThings
LogoGitHub - swisskyrepo/PayloadsAllTheThings: A list of useful payloads and bypass for Web Application Security and Pentest/CTFGitHub
LogoSecurity BlogSecurity Blog
Morph3 Blog
LogoGitHub - s0md3v/AwesomeXSS: Awesome XSS stuffGitHub
S0md3v - Awesome XSS