An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with payloads

A curated list of projects in awesome lists tagged with payloads .

https://github.com/edoverflow/bugbounty-cheatsheet

A list of interesting payloads, tips and tricks for bug bounty hunters.

bugbounty infosec payloads security

Last synced: 01 Jul 2025

https://github.com/EdOverflow/bugbounty-cheatsheet

A list of interesting payloads, tips and tricks for bug bounty hunters.

bugbounty infosec payloads security

Last synced: 05 Apr 2025

https://github.com/1n3/intruderpayloads

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

attack bugbounty burpsuite burpsuite-engagement burpsuite-intruder fuzz fuzz-lists fuzzing injection intruder payloads sql-injection

Last synced: 27 Jan 2026

https://github.com/foospidy/payloads

Git All the Payloads! A collection of web attack payloads.

appsec cybersecurity hacking passwords payload payloads pentest sqli web-attack-payloads xss

Last synced: 14 May 2025

https://github.com/1N3/IntruderPayloads

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

attack bugbounty burpsuite burpsuite-engagement burpsuite-intruder fuzz fuzz-lists fuzzing injection intruder payloads sql-injection

Last synced: 13 Mar 2025

https://github.com/kgretzky/pwndrop

Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.

file-manager file-sharing http-server payloads redteam self-hosted webdav-server

Last synced: 14 May 2025

https://github.com/terjanq/tiny-xss-payloads

A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me

bugbounty ctf html javascript payloads xss

Last synced: 13 Apr 2025

https://github.com/terjanq/Tiny-XSS-Payloads

A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me

bugbounty ctf html javascript payloads xss

Last synced: 05 Apr 2025

https://github.com/0xsobky/hackvault

A container repository for my public web hacks!

exploit fuzzing payloads pentesting reconnaissance regex tracking web-security xss

Last synced: 08 Apr 2025

https://github.com/0xSobky/HackVault

A container repository for my public web hacks!

exploit fuzzing payloads pentesting reconnaissance regex tracking web-security xss

Last synced: 13 Mar 2025

https://github.com/insightglacier/Dictionary-Of-Pentesting

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

bruteforce bugbounty bugbountytips bughunting-methodology database dictionary dns fingerprint fuzzing iot-security password payloads pentest pentesting rce regex-pattern spring-boot subdomain websecurity wifi

Last synced: 11 Jul 2025

https://github.com/insightglacier/dictionary-of-pentesting

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

bruteforce bugbounty bugbountytips bughunting-methodology database dictionary dns fingerprint fuzzing iot-security password payloads pentest pentesting rce regex-pattern spring-boot subdomain websecurity wifi

Last synced: 05 Apr 2025

https://github.com/nettitude/poshc2

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

c2 csharp nettitude payloads poshc2 poshc2-installation powershell proxy-aware python3 redteam

Last synced: 14 May 2025

https://github.com/nettitude/PoshC2

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

c2 csharp nettitude payloads poshc2 poshc2-installation powershell proxy-aware python3 redteam

Last synced: 24 Mar 2025

https://github.com/whwlsfb/burpcrypto

BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件

burp-extensions burp-plugin burpcrypto burpsuite burpsuite-extender ctf ctf-tools execute-js-encryption fuzz-testing payloads

Last synced: 16 May 2025

https://github.com/whwlsfb/BurpCrypto

BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件

burp-extensions burp-plugin burpcrypto burpsuite burpsuite-extender ctf ctf-tools execute-js-encryption fuzz-testing payloads

Last synced: 13 May 2025

https://github.com/mvelazc0/defcon27_csharp_workshop

Writing custom backdoor payloads with C# - Defcon 27 Workshop

csharp payloads redteam

Last synced: 16 May 2025

https://github.com/swisskyrepo/InternalAllTheThings

Active Directory and Internal Pentest Cheatsheets

cheatsheet hacktoberfest payloads pentest redteam security wiki

Last synced: 04 Apr 2025

https://github.com/swisskyrepo/internalallthethings

Active Directory and Internal Pentest Cheatsheets

cheatsheet hacktoberfest payloads pentest redteam security wiki

Last synced: 26 Jan 2026

https://github.com/r00t-3xp10it/FakeImageExploiter

Use a Fake image.jpg to exploit targets (hide known file extensions)

exploiter hide-extensions-known-file-types image-jpg-ps1 payloads spoof-extensions

Last synced: 26 Mar 2025

https://github.com/r00t-3xp10it/fakeimageexploiter

Use a Fake image.jpg to exploit targets (hide known file extensions)

exploiter hide-extensions-known-file-types image-jpg-ps1 payloads spoof-extensions

Last synced: 04 Apr 2025

https://github.com/sh377c0d3/Payloads

Payload Arsenal for Pentration Tester and Bug Bounty Hunters

bugbounty bugbounty-tool payload payloads payloads-database penetration-testing

Last synced: 12 Jul 2025

https://github.com/cytopia/badchars

Bad char generator to instruct encoders such as shikata-ga-nai to transform those to other chars.

badchars cytopia-sec encoder encoder-decoder payload payloads reverse-engineering security-tools

Last synced: 05 Apr 2025

https://github.com/InfoSecWarrior/Offensive-Payloads

List of payloads and wordlists that are specifically crafted to identify and exploit vulnerabilities in target web applications.

bugbounty payloads pentest pentesting security vulnerability-assessment wordlists

Last synced: 27 Sep 2025

https://github.com/king04aman/keylogger

A keylogger, sometimes called a keystroke logger or keyboard capture, is a type of surveillance technology used to monitor and record each keystroke on a specific computer. Keylogger software is also available for use on smartphones, such as the Apple iPhone and Android devices.

advance-keylogger cybersecurity cybersecurity-projects hacking hacking-tools keylogger keylogger-python keylogger-script keylogs linux payloads pen-testing penetration-testing python-hacking python3 windows

Last synced: 21 Apr 2025

https://github.com/ihebski/XSS-Payloads

Collection of XSS Payloads for fun and profit

bugbounty bughunter javascript payloads pentesting xss-exploitation xss-payloads

Last synced: 28 Sep 2025

https://github.com/foospidy/web-cve-tests

A simple framework for sending test payloads for known web CVEs.

application-sec cve cve-scanning payloads struts tests web

Last synced: 12 Apr 2025

https://github.com/machine1337/window-rat

The purpose of this tool is to test the window10 defender protection and also other antivirus protection.

amsi antivirus avbypass avevasion bypass-antivirus hacking machine1337 payload payloads powershell protection redteaming window10

Last synced: 19 Jun 2025

https://github.com/infosecredd/repg-community-payloads

A collection of Encoded Payloads from the Community both for Hak5 & BadUSB Devices

badusb badusb-payloads ducky-payloads ducky-script duckyscript duckyscripts hak5-ducky hak5-rubber-ducky omg omg-payloads payloads

Last synced: 25 Feb 2026

https://github.com/machine1337/mafiahacks

The purpose of this tool is to automate the payload Creation Process. U can Create Payloads For All Types of OS in Seconds.

android-payloads androidrat applehacking applepayloads automation hacking iospayloads linux linux-payloads machacking machine1337 macospayloads metasploit-framework msfconsole obfuscation payloads windows-payloads

Last synced: 25 Apr 2025

https://github.com/andripwn/PayloadsAll

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

allpayload bugbounty bugcrowd bughunter hackerone payloads pentest python rce researchers securityresearchers sql vulnerability vulnerabilityanalysis xsss

Last synced: 10 Mar 2025

https://github.com/edoardottt/malicious-rmqr-codes

Collection of (4000+) malicious rMQR Codes for Penetration testing, Vulnerability assessments, Red Team operations, Bug Bounty and more

bug-bounty bugbounty malicious-payloads offensive-security payload-generator payloads qr-code qrcode qrcodes red-team red-team-tools redteam redteam-tools redteaming rmqr rmqrcode security security-tools web-security

Last synced: 21 Mar 2025

https://github.com/machine1337/pyobfuscate

A simple and efficent script to obfuscate python payloads to make it completely FUD

crypter crypters empire evasions fud hacking hacking-tools metasploit obfuscation payloads rats security stealers

Last synced: 25 Apr 2025

https://github.com/infosecredd/btsm-payloads

BTSM (Behind-the-Scenes Manipulation) Payloads PoC

obfuscation payloads steganography steganography-encoding

Last synced: 14 Apr 2025

https://github.com/aenslei/flipperzero-studies

Learning how to create simple USB payloads using duckyScript and Powershell for the Flipper Zero!

badusb badusb-payloads cybersecurity flipper-zero flipperzero learning-by-doing payloads powershell powershell-script rubber-ducky rubber-ducky-script

Last synced: 08 Mar 2026

https://github.com/mr-xn/infohunter

pentester payload ,info hunte

dork-finder payloads pentesting

Last synced: 15 Jul 2025

https://github.com/byt3n33dl3/thc-cartel

Configurations and Deprecated payloads. Some useful scripts for Cobaltstrike.

exploit kali-linux metasploit operating-system payloads pentesting shellcode

Last synced: 29 Mar 2025

https://github.com/0xccf4/expkit

A framework and build automation tool to process exploits/payloads to evade antivirus and endpoint detection response products using reusable building-blocks like encryption or obfuscation. Mirrors: https://gitlab.com/0xCCF4/expkit . Create issues and merge request on gitlab.

antivirus-evasion building-automation cross-platform cybersecurity endpoint-detection-response evasion exploits framework multiplatform payloads platform-independent python

Last synced: 14 Aug 2025

https://github.com/fyxme/blistener

Blind-XSS listener with payloads to the target user's browser data including cookies, local/session storage, html code, screenshot of current page (HTTP listener optionally)

blind-xss golang http http-listener javascript listener payloads xss

Last synced: 14 Apr 2025

https://github.com/an4kein/gorevpop

With this tool you can generate easy and sophisticated reverse shell commands to help you during penetration tests

gohacking hacking hacks hackthebox htb offensive-security oscp payloads pentest popshell pwk redteam reverseshell revshell seginfo shell

Last synced: 21 Jan 2026

https://github.com/veelenga/jsonapi-payload-explorer

JSON::API Payload Explorer

json jsonapi payloads

Last synced: 17 Mar 2025

https://github.com/vulnpire/arsenal

Collection of tools, scripts, one-liners, templates, dorks and more

bug-bounty payloads recon red-team

Last synced: 21 Sep 2025

https://github.com/volkansah/xsspy-ncf

XssPy is a tool designed to help security researchers and ethical hackers identify potential Cross-Site Scripting (XSS) vulnerabilities in web applications. It automates the process of testing for XSS vulnerabilities by analyzing web pages and submitting payloads to check for any possible security issues.

2024 cross-site-scripting ethical ethical-hacker ethical-hacking ethical-hacking-tools payload payloads payloads-cheatsheet python python3 rebuild xss xsspy

Last synced: 26 Oct 2025

https://github.com/lonaryx/attiny85_wifi_stiler

Attiny85 WiFi Profile Stealer 🌐🔑 - небольшой, но мощный инструмент, разработанный для изучения и сбора профилей сохраненных WiFi-сетей на целевом компьютере. 📶💻

arduino arduino-sketch attiny85 attiny85-arduino attiny85-payloads digispark digispark-scripts hackwifi payloads stiler ua ukrainian usb usb-hacking wifi wifi-hacking wifi-network wifi-security windows

Last synced: 24 Jun 2025

https://github.com/Lonaryx/Attiny85_WiFi_Stiler

Attiny85 WiFi Profile Stealer 🌐🔑 - небольшой, но мощный инструмент, разработанный для изучения и сбора профилей сохраненных WiFi-сетей на целевом компьютере. 📶💻

arduino arduino-sketch attiny85 attiny85-arduino attiny85-payloads digispark digispark-scripts hackwifi payloads stiler ua ukrainian usb usb-hacking wifi wifi-hacking wifi-network wifi-security windows

Last synced: 18 Sep 2025

https://github.com/bountyhacking/Payloads_Tool_box

At this repo you can find any tools, tricks or templates for general penetration testing assesment

bounty bounty-hunting-tools bug bugbounty burpsuite curl fuzzing payload payloads pentesting sqli sqlmap tty xss

Last synced: 10 Mar 2025

https://github.com/datavenueliveobjects/payload-decoders

Live Objects can turn your compacted payloads into json payloads. Enabled for SMS, LoRa, MQTT.

decoder lora mqtt payloads sms

Last synced: 03 Sep 2025

https://github.com/mython-dev/pyhacktool

PyHackTool — это установшик инструментов для пентеста на Linux(Debian,Ubuntu). Этот инструмент облегчает вам задачу. Вам не нужно искать инструмент в github и т.д и клонировать. Вам останется только выбрать инструмент.

debian exploits hacking hacking-tool kalilinux linux payloads pentesting python python2 python3 tools ubuntu

Last synced: 15 Mar 2025

https://github.com/ebrasha/awesome-wordlists

The most comprehensive repository on GitHub, collection of wordlists for penetration testing, brute-force, and dictionary attacks, curated and organized by Ebrahim Shafiei (EbraSha) for security researchers.

abdal bounty cheatsheet dictionary-attack directory-enumeration ebrahim-shafiei ebrasha exploit-payloads fuzzing gpt-prompts hacking passlist password-list payloads penetration-testing prompt-injection seclists wordlists

Last synced: 11 Jun 2026

https://github.com/exfil0/sqli-advanced-scanner

The Advanced SQL Injection Scanner is a sophisticated, Python-based tool crafted for security analysts and penetration testers. It automates the detection of SQL Injection vulnerabilities in web applications by sending varied SQLi payloads to specified URLs and analyzing the responses for signs of injectable parameters.

automated cybersecurity linux payloads python scanner sqlinjection

Last synced: 18 Jun 2026

https://github.com/francis94c/refactor-ci

A PHP (code Igniter) Library for easily refactoring associative arrays (remove key-vals, rename keys, & inflate a value with respective objects from a mysql table based off provided primary key values). You'll find this library useful if you want to return payloads which should have different keys than what they exist as in the database.

codeigniter database igniter json payloads php refactor-ci resource rest rest-api

Last synced: 16 Apr 2026

https://github.com/uttambodara/cyberelite

🔐 Welcome to Hack-Academia — your go-to destination for everything related to 🖥️ ethical hacking, 🔧 penetration testing, and 🛡️ cybersecurity research. Whether you're a 🌱 newcomer eager to dive into the cyber world or a 🧑‍💻 skilled expert searching for the latest tools and tactics, Hack-Academia is here to fuel your journey. ⚡

attacksurface awesome awesome-list bug-bounty cheatsheet-god cybersecurity cybersecurity-tool exploitation good-first-issue hacking hacking-tool how-to-hack information-gathering oscp-prep passwordattack payloads reverse-engineering roadmap security-vulnerability web-hacking

Last synced: 26 Jun 2025

https://github.com/zinzied/humanfuzz

Human-like web fuzzer for advanced vulnerability detection in web applications.

csrf payloads pentesting sqlite ssrf vulnerabilities vulnerability vulnerability-scanners website xss-vulnerability

Last synced: 07 Mar 2026

https://github.com/shreyaschavhan/bugbountywriteups

This Repository will contain Bug Bounty Write-Up that I read on daily basis!

bounty bounty-hunters bug-bounty bugbounty bugcrowd hackerone hackers payloads synack tools writeups

Last synced: 10 Mar 2025

https://github.com/julian-nash/liaison

A Python library for defining schemas, parsing and validating payloads

parsing payloads python validation

Last synced: 13 Jun 2025

https://github.com/asmroyal/0x001829-b

0x001829-B is exploit tool for web servers & for home ip's

csharp csharp-code exploit exploitation exploitation-framework exploits net payload payloads

Last synced: 15 May 2025

https://github.com/ordinary-hacker/oh-my-shells

The offline, CLI-first swiss army knife for shell payloads!

payloads penetration-testing pentest pentesting red-team redteam shell toml

Last synced: 18 May 2026

https://github.com/amir13872/funny-virus

A collection of tiny, fun viruses and malware created purely for entertainment and playful programming experiments. This project is meant just for fun and harmless testing!

batch-file batch-script batchfile hacking hacking-tool macros metasploit metasploit-framework meterpreter payloads python script tool trojan vbscript

Last synced: 01 Mar 2026

https://github.com/zxce3/webpayloadallthethings

This website project is not finished at all :)

payloads

Last synced: 17 Feb 2026

https://github.com/zombiegeek0/scorpion

Esta es un herramienta en Python para generar todo tipo de payloads con MsfVenom

framework hacking metasploit msf payloads pentesting py python3 scorpion vuln windows zombiegeek0

Last synced: 10 May 2026

https://github.com/hackfutsec/xssdump

**XssDump** is a Python-based XSS (Cross-Site Scripting) vulnerability scanner designed to test web applications for potential XSS vulnerabilities. The script performs automated testing by injecting payloads into URLs and analyzing HTTP responses to check for the presence of malicious scripts.

cybersecurity hacking payloads payloadsallthethings python xss xss-attacks xss-detection xss-exploitation xss-vulnerability

Last synced: 12 May 2026