payload

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Free and Open-source Headless CMS and Application Framework built with TypeScript, Node.js, React and MongoDB

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

Awesome XSS stuff

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

The LAZY script will make your life easier, and of course faster.

All about bug bounty (bypasses, payloads, and etc)

Git All the Payloads! A collection of web attack payloads.

🎯 SQL Injection Payload List

Python Remote Administration Tool (RAT)

Penetration tests guide based on OWASP including test cases, resources and examples.

🔥 CHAOS is a free and open-source Remote Administration Tool that allow generate binaries to control remote operating systems.

🐈Medusa是一个红队武器库平台，目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG、钓鱼邮件、文件获取等功能，持续开发中

🎯 Command Injection Payload List

C++ GUI for TegraRcmSmash (Fusée Gelée exploit for Nintendo Switch)

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

Python antivirus evasion tool

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.

MSFvenom Payload Creator (MSFPC)

Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.