[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-402":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":10,"rankLanguage":10,"license":22,"archived":23,"fork":23,"defaultBranch":24,"hasWiki":23,"hasPages":25,"topics":26,"createdAt":10,"pushedAt":10,"updatedAt":44,"readmeContent":45,"aiSummary":46,"trendingCount":16,"starSnapshotCount":16,"syncStatus":47,"lastSyncTime":48,"discoverSource":49},402,"PayloadsAllTheThings","swisskyrepo\u002FPayloadsAllTheThings","swisskyrepo","A list of useful payloads and bypass for Web Application Security and Pentest\u002FCTF","https:\u002F\u002Fswisskyrepo.github.io\u002FPayloadsAllTheThings\u002F",null,"Python",78443,17092,1967,27,0,23,151,688,111,120,"MIT License",false,"master",true,[27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43],"bounty","bugbounty","bypass","cheatsheet","enumeration","hacking","hacktoberfest","methodology","payload","payloads","penetration-testing","pentest","privilege-escalation","redteam","security","vulnerability","web-application","2026-06-17 04:00:03","# Payloads All The Things\n\nA list of useful payloads and bypasses for Web Application Security.\nFeel free to improve with your payloads and techniques!\n\nYou can also contribute with a :beers: IRL, or using the sponsor button.\n\n[![Sponsor](https:\u002F\u002Fimg.shields.io\u002Fstatic\u002Fv1?label=Sponsor&message=%E2%9D%A4&logo=GitHub&link=https:\u002F\u002Fgithub.com\u002Fsponsors\u002Fswisskyrepo)](https:\u002F\u002Fgithub.com\u002Fsponsors\u002Fswisskyrepo)\n[![Tweet](https:\u002F\u002Fimg.shields.io\u002Ftwitter\u002Furl\u002Fhttp\u002Fshields.io.svg?style=social)](https:\u002F\u002Ftwitter.com\u002Fintent\u002Ftweet?text=Payloads%20All%20The%20Things,%20a%20list%20of%20useful%20payloads%20and%20bypasses%20for%20Web%20Application%20Security%20-%20by%20@pentest_swissky&url=https:\u002F\u002Fgithub.com\u002Fswisskyrepo\u002FPayloadsAllTheThings\u002F)\n\nAn alternative display version is available at [PayloadsAllTheThingsWeb](https:\u002F\u002Fswisskyrepo.github.io\u002FPayloadsAllTheThings\u002F).\n\n\u003Cp align=\"center\">\n  \u003Cimg src=\"https:\u002F\u002Fraw.githubusercontent.com\u002Fswisskyrepo\u002FPayloadsAllTheThings\u002Fmaster\u002F.github\u002Fbanner.png\" alt=\"banner\">\n\u003C\u002Fp>\n\n## :book: Documentation\n\nEvery section contains the following files, you can use the `_template_vuln` folder to create a new chapter:\n\n- README.md - vulnerability description and how to exploit it, including several payloads\n- Intruder - a set of files to give to Burp Intruder\n- Images - pictures for the README.md\n- Files - some files referenced in the README.md\n\nYou might also like the other projects from the AllTheThings family :\n\n- [InternalAllTheThings](https:\u002F\u002Fswisskyrepo.github.io\u002FInternalAllTheThings\u002F) - Active Directory and Internal Pentest Cheatsheets\n- [HardwareAllTheThings](https:\u002F\u002Fswisskyrepo.github.io\u002FHardwareAllTheThings\u002F) - Hardware\u002FIOT Pentesting Wiki\n\nYou want more? Check the [Books](https:\u002F\u002Fgithub.com\u002Fswisskyrepo\u002FPayloadsAllTheThings\u002Fblob\u002Fmaster\u002F_LEARNING_AND_SOCIALS\u002FBOOKS.md) and [YouTube channel](https:\u002F\u002Fgithub.com\u002Fswisskyrepo\u002FPayloadsAllTheThings\u002Fblob\u002Fmaster\u002F_LEARNING_AND_SOCIALS\u002FYOUTUBE.md) selections.\n\n## :technologist: Contributions\n\nBe sure to read [CONTRIBUTING.md](https:\u002F\u002Fgithub.com\u002Fswisskyrepo\u002FPayloadsAllTheThings\u002Fblob\u002Fmaster\u002FCONTRIBUTING.md)\n\n\u003Cp align=\"center\">\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fswisskyrepo\u002FPayloadsAllTheThings\u002Fgraphs\u002Fcontributors\">\n  \u003Cimg src=\"https:\u002F\u002Fcontrib.rocks\u002Fimage?repo=swisskyrepo\u002FPayloadsAllTheThings&max=36\" alt=\"sponsors-list\" >\n\u003C\u002Fa>\n\u003C\u002Fp>\n\nThanks again for your contribution! :heart:\n\n## :beers: Sponsors\n\nThis project is proudly sponsored by these companies.\n\n| Logo | Description |\n| --- | --- |\n| [\u003Cimg src=\"https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F34724717?s=40&v=4\" alt=\"sponsor-serpapi\">](https:\u002F\u002Fserpapi.com) | **SerpApi** is a real time API to access Google search results. It solves the issues of having to rent proxies, solving captchas, and JSON parsing. |\n| [\u003Cimg src=\"https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F50994705?s=40&v=4\" alt=\"sponsor-projectdiscovery\">](https:\u002F\u002Fprojectdiscovery.io\u002F) | **ProjectDiscovery** - Detect real, exploitable vulnerabilities. Harness the power of Nuclei for fast and accurate findings without false positives. |\n| [\u003Cimg src=\"https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F48131541?s=40&v=4\" alt=\"sponsor-vaadata\">](https:\u002F\u002Fwww.vaadata.com\u002F) | **VAADATA** - Ethical Hacking Services |\n","PayloadsAllTheThings 是一个收集了大量针对Web应用安全的有用负载和绕过技巧的项目。其核心功能包括提供详细的漏洞描述、利用方法及多种攻击载荷，支持Burp Intruder等工具集成使用，并且内容覆盖广泛的安全领域如渗透测试、红队演练等。该项目适合网络安全研究人员、渗透测试人员以及对Web安全感兴趣的开发者在实际工作或学习中参考借鉴，以提升自身技能并发现潜在的安全问题。采用MIT许可证开源，鼓励社区成员贡献新的技术和案例。",2,"2026-06-17 02:35:22","top_all"]