payloadsallthethings (2.1-0kali2)
Details
Core information at a glance
- Distribution
- kali
- Origin
- kali-last-snapshot
- Repository
- https://http.kali.org/kali
- Codename
- kali-last-snapshot
- Component
- main
- Source
- none
- Architecture
- amd64
- Section
- utils
- Priority
- extra
- Maintainer
- Joseph O'Gorman <[email protected]>
Size & integrity
Byte sizes and integrity verification
- Installed size
- 7.7 kB
- Size expected
- 3.5 MB
- Size actual
- 3.5 MB
- Size match
Suggested packages
Recommended additional packages
- None
Description
Collection of useful payloads and bypasses
Tags
Package classification tags
None
Checksums
Hash values and integrity verification status
| Type | Actual | Match |
|---|---|---|
| MD5 | 940566bc…375da71a | |
| SHA-1 | f936cb16…701b517d | |
| SHA-256 | d77a2233…5995825a | |
| SHA-512 | 7d73a463…e43c174b |
Contents
Files and directories included
. usr usr/bin usr/bin/payloadsallthethings usr/share usr/share/doc usr/share/doc/payloadsallthethings usr/share/doc/payloadsallthethings/changelog.Debian.gz usr/share/doc/payloadsallthethings/copyright usr/share/payloadsallthethings usr/share/payloadsallthethings/AWS Amazon Bucket S3 usr/share/payloadsallthethings/AWS Amazon Bucket S3/README.md usr/share/payloadsallthethings/BOOKS.md usr/share/payloadsallthethings/CRLF Injection usr/share/payloadsallthethings/CRLF Injection/README.md usr/share/payloadsallthethings/CRLF Injection/crlfinjection.txt usr/share/payloadsallthethings/CSRF Injection usr/share/payloadsallthethings/CSRF Injection/Images usr/share/payloadsallthethings/CSRF Injection/Images/CSRF-CheatSheet.png usr/share/payloadsallthethings/CSRF Injection/README.md usr/share/payloadsallthethings/CSV Injection usr/share/payloadsallthethings/CSV Injection/README.md usr/share/payloadsallthethings/CVE Exploits usr/share/payloadsallthethings/CVE Exploits/Apache Struts 2 CVE-2013-2251 CVE-2017-5638 CVE-2018-11776_.py usr/share/payloadsallthethings/CVE Exploits/Apache Struts 2 CVE-2017-9805.py usr/share/payloadsallthethings/CVE Exploits/Apache Struts 2 CVE-2018-11776.py usr/share/payloadsallthethings/CVE Exploits/Docker API RCE.py usr/share/payloadsallthethings/CVE Exploits/Drupalgeddon2 CVE-2018-7600.rb usr/share/payloadsallthethings/CVE Exploits/Heartbleed CVE-2014-0160.py usr/share/payloadsallthethings/CVE Exploits/JBoss CVE-2015-7501.py usr/share/payloadsallthethings/CVE Exploits/Jenkins CVE-2015-8103.py usr/share/payloadsallthethings/CVE Exploits/Jenkins CVE-2016-0792.py usr/share/payloadsallthethings/CVE Exploits/Jenkins Groovy Console.py usr/share/payloadsallthethings/CVE Exploits/README.md usr/share/payloadsallthethings/CVE Exploits/Rails CVE-2019-5420.rb usr/share/payloadsallthethings/CVE Exploits/Shellshock CVE-2014-6271.py usr/share/payloadsallthethings/CVE Exploits/Tomcat CVE-2017-12617.py usr/share/payloadsallthethings/CVE Exploits/WebLogic CVE-2016-3510.py usr/share/payloadsallthethings/CVE Exploits/WebLogic CVE-2017-10271.py usr/share/payloadsallthethings/CVE Exploits/WebLogic CVE-2018-2894.py usr/share/payloadsallthethings/CVE Exploits/WebSphere CVE-2015-7450.py usr/share/payloadsallthethings/Command Injection usr/share/payloadsallthethings/Command Injection/Intruder usr/share/payloadsallthethings/Command Injection/Intruder/command-execution-unix.txt usr/share/payloadsallthethings/Command Injection/Intruder/command_exec.txt usr/share/payloadsallthethings/Command Injection/README.md usr/share/payloadsallthethings/Directory Traversal usr/share/payloadsallthethings/Directory Traversal/Intruder usr/share/payloadsallthethings/Directory Traversal/Intruder/deep_traversal.txt usr/share/payloadsallthethings/Directory Traversal/Intruder/directory_traversal.txt usr/share/payloadsallthethings/Directory Traversal/Intruder/dotdotpwn.txt usr/share/payloadsallthethings/Directory Traversal/Intruder/traversals-8-deep-exotic-encoding.txt usr/share/payloadsallthethings/Directory Traversal/README.md usr/share/payloadsallthethings/File Inclusion usr/share/payloadsallthethings/File Inclusion/Intruders usr/share/payloadsallthethings/File Inclusion/Intruders/BSD-files.txt usr/share/payloadsallthethings/File Inclusion/Intruders/JHADDIX_LFI.txt usr/share/payloadsallthethings/File Inclusion/Intruders/LFI-FD-check.txt usr/share/payloadsallthethings/File Inclusion/Intruders/LFI-WindowsFileCheck.txt usr/share/payloadsallthethings/File Inclusion/Intruders/Linux-files.txt usr/share/payloadsallthethings/File Inclusion/Intruders/List_Of_File_To_Include.txt usr/share/payloadsallthethings/File Inclusion/Intruders/List_Of_File_To_Include_NullByteAdded.txt usr/share/payloadsallthethings/File Inclusion/Intruders/Logs-files.txt usr/share/payloadsallthethings/File Inclusion/Intruders/Mac-files.txt usr/share/payloadsallthethings/File Inclusion/Intruders/Traversal.txt usr/share/payloadsallthethings/File Inclusion/Intruders/Web-files.txt usr/share/payloadsallthethings/File Inclusion/Intruders/Windows-files.txt usr/share/payloadsallthethings/File Inclusion/Intruders/dot-slash-PathTraversal_and_LFI_pairing.txt usr/share/payloadsallthethings/File Inclusion/Intruders/simple-check.txt usr/share/payloadsallthethings/File Inclusion/README.md usr/share/payloadsallthethings/File Inclusion/phpinfolfi.py usr/share/payloadsallthethings/File Inclusion/uploadlfi.py usr/share/payloadsallthethings/GraphQL Injection usr/share/payloadsallthethings/GraphQL Injection/Images usr/share/payloadsallthethings/GraphQL Injection/Images/htb-help.png usr/share/payloadsallthethings/GraphQL Injection/README.md usr/share/payloadsallthethings/Insecure Deserialization usr/share/payloadsallthethings/Insecure Deserialization/Files usr/share/payloadsallthethings/Insecure Deserialization/Files/PHP-Serialization-RCE-Exploit.php usr/share/payloadsallthethings/Insecure Deserialization/Files/Ruby_universal_gadget_generate_verify.rb usr/share/payloadsallthethings/Insecure Deserialization/Java.md usr/share/payloadsallthethings/Insecure Deserialization/PHP.md usr/share/payloadsallthethings/Insecure Deserialization/Python.md usr/share/payloadsallthethings/Insecure Deserialization/README.md usr/share/payloadsallthethings/Insecure Deserialization/Ruby.md usr/share/payloadsallthethings/Insecure Direct Object References usr/share/payloadsallthethings/Insecure Direct Object References/Images usr/share/payloadsallthethings/Insecure Direct Object References/Images/idor.png usr/share/payloadsallthethings/Insecure Direct Object References/README.md usr/share/payloadsallthethings/Insecure Management Interface usr/share/payloadsallthethings/Insecure Management Interface/Intruder usr/share/payloadsallthethings/Insecure Management Interface/Intruder/springboot_actuator.txt usr/share/payloadsallthethings/Insecure Management Interface/README.md usr/share/payloadsallthethings/Insecure Source Code Management usr/share/payloadsallthethings/Insecure Source Code Management/README.md usr/share/payloadsallthethings/JSON Web Token usr/share/payloadsallthethings/JSON Web Token/README.md usr/share/payloadsallthethings/LDAP Injection usr/share/payloadsallthethings/LDAP Injection/Intruder usr/share/payloadsallthethings/LDAP Injection/Intruder/LDAP_FUZZ.txt usr/share/payloadsallthethings/LDAP Injection/Intruder/LDAP_attributes.txt usr/share/payloadsallthethings/LDAP Injection/README.md usr/share/payloadsallthethings/LICENSE usr/share/payloadsallthethings/LaTeX Injection usr/share/payloadsallthethings/LaTeX Injection/README.md usr/share/payloadsallthethings/Methodology and Resources usr/share/payloadsallthethings/Methodology and Resources/Active Directory Attack.md usr/share/payloadsallthethings/Methodology and Resources/Linux - Persistence.md usr/share/payloadsallthethings/Methodology and Resources/Linux - Privilege Escalation.md usr/share/payloadsallthethings/Methodology and Resources/Metasploit - Cheatsheet.md usr/share/payloadsallthethings/Methodology and Resources/Methodology and enumeration.md usr/share/payloadsallthethings/Methodology and Resources/Network Discovery.md usr/share/payloadsallthethings/Methodology and Resources/Network Pivoting Techniques.md usr/share/payloadsallthethings/Methodology and Resources/Reverse Shell Cheatsheet.md usr/share/payloadsallthethings/Methodology and Resources/Subdomains Enumeration.md usr/share/payloadsallthethings/Methodology and Resources/Windows - Download and Execute.md usr/share/payloadsallthethings/Methodology and Resources/Windows - Mimikatz.md usr/share/payloadsallthethings/Methodology and Resources/Windows - Persistence.md usr/share/payloadsallthethings/Methodology and Resources/Windows - Post Exploitation Koadic.md usr/share/payloadsallthethings/Methodology and Resources/Windows - Privilege Escalation.md usr/share/payloadsallthethings/Methodology and Resources/Windows - Using credentials.md usr/share/payloadsallthethings/NoSQL Injection usr/share/payloadsallthethings/NoSQL Injection/Intruder usr/share/payloadsallthethings/NoSQL Injection/Intruder/NoSQL.txt usr/share/payloadsallthethings/NoSQL Injection/README.md usr/share/payloadsallthethings/OAuth usr/share/payloadsallthethings/OAuth/README.md usr/share/payloadsallthethings/Open Redirect usr/share/payloadsallthethings/Open Redirect/Intruder usr/share/payloadsallthethings/Open Redirect/Intruder/Open-Redirect-payloads.txt usr/share/payloadsallthethings/Open Redirect/Intruder/open_redirect_wordlist.txt usr/share/payloadsallthethings/Open Redirect/Intruder/openredirects.txt usr/share/payloadsallthethings/Open Redirect/README.md usr/share/payloadsallthethings/README.md usr/share/payloadsallthethings/SAML Injection usr/share/payloadsallthethings/SAML Injection/Images usr/share/payloadsallthethings/SAML Injection/Images/SAML-xml-flaw.png usr/share/payloadsallthethings/SAML Injection/Images/XSLT1.jpg usr/share/payloadsallthethings/SAML Injection/README.md usr/share/payloadsallthethings/SQL Injection usr/share/payloadsallthethings/SQL Injection/Cassandra Injection.md usr/share/payloadsallthethings/SQL Injection/HQL Injection.md usr/share/payloadsallthethings/SQL Injection/Images usr/share/payloadsallthethings/SQL Injection/Images/PostgreSQL_cmd_exec.png usr/share/payloadsallthethings/SQL Injection/Images/wildcard_underscore.jpg usr/share/payloadsallthethings/SQL Injection/Intruder usr/share/payloadsallthethings/SQL Injection/Intruder/Auth_Bypass.txt usr/share/payloadsallthethings/SQL Injection/Intruder/Auth_Bypass2.txt usr/share/payloadsallthethings/SQL Injection/Intruder/FUZZDB_MSSQL-WHERE_Time.txt usr/share/payloadsallthethings/SQL Injection/Intruder/FUZZDB_MSSQL.txt usr/share/payloadsallthethings/SQL Injection/Intruder/FUZZDB_MSSQL_Enumeration.txt usr/share/payloadsallthethings/SQL Injection/Intruder/FUZZDB_MYSQL.txt usr/share/payloadsallthethings/SQL Injection/Intruder/FUZZDB_MySQL-WHERE_Time.txt usr/share/payloadsallthethings/SQL Injection/Intruder/FUZZDB_MySQL_ReadLocalFiles.txt usr/share/payloadsallthethings/SQL Injection/Intruder/FUZZDB_Oracle.txt usr/share/payloadsallthethings/SQL Injection/Intruder/FUZZDB_Postgres_Enumeration.txt usr/share/payloadsallthethings/SQL Injection/Intruder/Generic_ErrorBased.txt usr/share/payloadsallthethings/SQL Injection/Intruder/Generic_TimeBased.txt usr/share/payloadsallthethings/SQL Injection/Intruder/Generic_UnionSelect.txt usr/share/payloadsallthethings/SQL Injection/Intruder/SQL-Injection usr/share/payloadsallthethings/SQL Injection/Intruder/SQLi_Polyglots.txt usr/share/payloadsallthethings/SQL Injection/Intruder/payloads-sql-blind-MSSQL-INSERT usr/share/payloadsallthethings/SQL Injection/Intruder/payloads-sql-blind-MSSQL-WHERE usr/share/payloadsallthethings/SQL Injection/Intruder/payloads-sql-blind-MySQL-INSERT usr/share/payloadsallthethings/SQL Injection/Intruder/payloads-sql-blind-MySQL-ORDER_BY usr/share/payloadsallthethings/SQL Injection/Intruder/payloads-sql-blind-MySQL-WHERE usr/share/payloadsallthethings/SQL Injection/MSSQL Injection.md usr/share/payloadsallthethings/SQL Injection/MySQL Injection.md usr/share/payloadsallthethings/SQL Injection/OracleSQL Injection.md usr/share/payloadsallthethings/SQL Injection/PostgreSQL Injection.md usr/share/payloadsallthethings/SQL Injection/README.md usr/share/payloadsallthethings/SQL Injection/SQLite Injection.md usr/share/payloadsallthethings/Server Side Request Forgery usr/share/payloadsallthethings/Server Side Request Forgery/Files usr/share/payloadsallthethings/Server Side Request Forgery/Files/ip.py usr/share/payloadsallthethings/Server Side Request Forgery/Files/ssrf_ffmpeg.avi usr/share/payloadsallthethings/Server Side Request Forgery/Files/ssrf_iframe.svg usr/share/payloadsallthethings/Server Side Request Forgery/Images usr/share/payloadsallthethings/Server Side Request Forgery/Images/Parser & Curl < 7.54.png usr/share/payloadsallthethings/Server Side Request Forgery/Images/SSRF_Parser.png usr/share/payloadsallthethings/Server Side Request Forgery/Images/SSRF_stream.png usr/share/payloadsallthethings/Server Side Request Forgery/Images/WeakParser.jpg usr/share/payloadsallthethings/Server Side Request Forgery/Images/aws-cli.jpg usr/share/payloadsallthethings/Server Side Request Forgery/README.md usr/share/payloadsallthethings/Server Side Template Injection usr/share/payloadsallthethings/Server Side Template Injection/Files usr/share/payloadsallthethings/Server Side Template Injection/Files/SSRF_expect.svg usr/share/payloadsallthethings/Server Side Template Injection/Files/SSRF_url.svg usr/share/payloadsallthethings/Server Side Template Injection/Images usr/share/payloadsallthethings/Server Side Template Injection/Images/serverside.png usr/share/payloadsallthethings/Server Side Template Injection/Intruder usr/share/payloadsallthethings/Server Side Template Injection/Intruder/JHADDIX_SSI_Injection.txt usr/share/payloadsallthethings/Server Side Template Injection/Intruder/ssi_quick.txt usr/share/payloadsallthethings/Server Side Template Injection/README.md usr/share/payloadsallthethings/Type Juggling usr/share/payloadsallthethings/Type Juggling/README.md usr/share/payloadsallthethings/Upload Insecure Files usr/share/payloadsallthethings/Upload Insecure Files/CVE Ffmpeg HLS usr/share/payloadsallthethings/Upload Insecure Files/CVE Ffmpeg HLS/README.md usr/share/payloadsallthethings/Upload Insecure Files/CVE Ffmpeg HLS/gen_avi_bypass.py usr/share/payloadsallthethings/Upload Insecure Files/CVE Ffmpeg HLS/gen_xbin_avi.py usr/share/payloadsallthethings/Upload Insecure Files/CVE Ffmpeg HLS/read_passwd.avi usr/share/payloadsallthethings/Upload Insecure Files/CVE Ffmpeg HLS/read_passwd_bypass.mp4 usr/share/payloadsallthethings/Upload Insecure Files/CVE Ffmpeg HLS/read_shadow.avi usr/share/payloadsallthethings/Upload Insecure Files/CVE Ffmpeg HLS/read_shadow_bypass.mp4 usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik/README.md usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik/imagemagik_ghostscript_reverse_shell.jpg usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_imageover_file_exfiltration_pangu_wrapper.jpg usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_imageover_file_exfiltration_text_wrapper.jpg usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_imageover_reverse_shell_devtcp.jpg usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_imageover_reverse_shell_netcat_fifo.png usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_imageover_wget.gif usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_url_bind_shell_nc.mvg usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_url_curl.png usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_url_portscan.jpg usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_url_remote_connection.mvg usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_url_reverse_shell_bash.mvg usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_url_touch.jpg usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_xml_reverse_shell_nctraditional.xml usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik/imagetragik1_payload_xml_reverse_shell_netcat_encoded.xml usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik/imagetragik2_burpcollaborator_passwd.jpg usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik/imagetragik2_centos_id.jpg usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik/imagetragik2_ubuntu_id.jpg usr/share/payloadsallthethings/Upload Insecure Files/CVE Image Tragik/imagetragik2_ubuntu_shell.jpg usr/share/payloadsallthethings/Upload Insecure Files/CVE ZIP Symbolic Link usr/share/payloadsallthethings/Upload Insecure Files/CVE ZIP Symbolic Link/etc_passwd.zip usr/share/payloadsallthethings/Upload Insecure Files/CVE ZIP Symbolic Link/generate.sh usr/share/payloadsallthethings/Upload Insecure Files/CVE ZIP Symbolic Link/passwd usr/share/payloadsallthethings/Upload Insecure Files/Configuration Apache .htaccess usr/share/payloadsallthethings/Upload Insecure Files/Configuration Apache .htaccess/.htaccess usr/share/payloadsallthethings/Upload Insecure Files/Configuration Apache .htaccess/README.md usr/share/payloadsallthethings/Upload Insecure Files/Configuration Busybox httpd.conf usr/share/payloadsallthethings/Upload Insecure Files/Configuration Busybox httpd.conf/README.md usr/share/payloadsallthethings/Upload Insecure Files/Configuration Busybox httpd.conf/httpd.conf usr/share/payloadsallthethings/Upload Insecure Files/Configuration Busybox httpd.conf/shellymcshellface.sh usr/share/payloadsallthethings/Upload Insecure Files/Configuration IIS web.config usr/share/payloadsallthethings/Upload Insecure Files/Configuration IIS web.config/web.config usr/share/payloadsallthethings/Upload Insecure Files/Configuration Python __init__.py usr/share/payloadsallthethings/Upload Insecure Files/Configuration Python __init__.py/python-admin-__init__.py.zip usr/share/payloadsallthethings/Upload Insecure Files/Configuration Python __init__.py/python-conf-__init__.py.zip usr/share/payloadsallthethings/Upload Insecure Files/Configuration Python __init__.py/python-config-__init__.py.zip usr/share/payloadsallthethings/Upload Insecure Files/Configuration Python __init__.py/python-controllers-__init__.py.zip usr/share/payloadsallthethings/Upload Insecure Files/Configuration Python __init__.py/python-generate-init.py usr/share/payloadsallthethings/Upload Insecure Files/Configuration Python __init__.py/python-login-__init__.py.zip usr/share/payloadsallthethings/Upload Insecure Files/Configuration Python __init__.py/python-models-__init__.py.zip usr/share/payloadsallthethings/Upload Insecure Files/Configuration Python __init__.py/python-modules-__init__.py.zip usr/share/payloadsallthethings/Upload Insecure Files/Configuration Python __init__.py/python-scripts-__init__.py.zip usr/share/payloadsallthethings/Upload Insecure Files/Configuration Python __init__.py/python-settings-__init__.py.zip usr/share/payloadsallthethings/Upload Insecure Files/Configuration Python __init__.py/python-tests-__init__.py.zip usr/share/payloadsallthethings/Upload Insecure Files/Configuration Python __init__.py/python-urls-__init__.py.zip usr/share/payloadsallthethings/Upload Insecure Files/Configuration Python __init__.py/python-utils-__init__.py.zip usr/share/payloadsallthethings/Upload Insecure Files/Configuration Python __init__.py/python-view-__init__.py.zip usr/share/payloadsallthethings/Upload Insecure Files/EICAR usr/share/payloadsallthethings/Upload Insecure Files/EICAR/eicar.txt usr/share/payloadsallthethings/Upload Insecure Files/Extension Flash usr/share/payloadsallthethings/Upload Insecure Files/Extension Flash/README.md usr/share/payloadsallthethings/Upload Insecure Files/Extension Flash/xss.swf usr/share/payloadsallthethings/Upload Insecure Files/Extension Flash/xssproject.swf usr/share/payloadsallthethings/Upload Insecure Files/Extension HTML usr/share/payloadsallthethings/Upload Insecure Files/Extension HTML/xss.html usr/share/payloadsallthethings/Upload Insecure Files/Extension PDF JS usr/share/payloadsallthethings/Upload Insecure Files/Extension PDF JS/poc.js usr/share/payloadsallthethings/Upload Insecure Files/Extension PDF JS/poc.py usr/share/payloadsallthethings/Upload Insecure Files/Extension PDF JS/result.pdf usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/phpinfo.jpg.php usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/phpinfo.phar usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/phpinfo.php usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/phpinfo.php3 usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/phpinfo.php4 usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/phpinfo.php5 usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/phpinfo.php7 usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/phpinfo.phpt usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/phpinfo.pht usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/phpinfo.phtml usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/shell.gif?shell.php usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/shell.jpeg.php usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/shell.jpg.php usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/shell.jpg?shell.php usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/shell.pgif usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/shell.phar usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/shell.php usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/shell.php3 usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/shell.php4 usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/shell.php5 usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/shell.php7 usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/shell.phpt usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/shell.pht usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/shell.phtml usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/shell.png.php usr/share/payloadsallthethings/Upload Insecure Files/Extension PHP/shell.png?shell.php usr/share/payloadsallthethings/Upload Insecure Files/Picture Metadata usr/share/payloadsallthethings/Upload Insecure Files/Picture Metadata/Build_image_to_LFI.py usr/share/payloadsallthethings/Upload Insecure Files/Picture Metadata/PHP_exif_phpinfo.jpg usr/share/payloadsallthethings/Upload Insecure Files/Picture Metadata/PHP_exif_system.gif usr/share/payloadsallthethings/Upload Insecure Files/Picture Metadata/PHP_exif_system.jpg usr/share/payloadsallthethings/Upload Insecure Files/Picture Metadata/PHP_exif_system.png usr/share/payloadsallthethings/Upload Insecure Files/Picture Resize usr/share/payloadsallthethings/Upload Insecure Files/Picture Resize/GIF_exploit.gif usr/share/payloadsallthethings/Upload Insecure Files/Picture Resize/JPG_exploit-55.jpg usr/share/payloadsallthethings/Upload Insecure Files/Picture Resize/PNG_110x110_resize_bypass_use_LFI.png usr/share/payloadsallthethings/Upload Insecure Files/Picture Resize/PNG_32x32_resize_bypass_use_LFI.png usr/share/payloadsallthethings/Upload Insecure Files/Picture Resize/README.txt usr/share/payloadsallthethings/Upload Insecure Files/Picture Resize/exploit_JPG.py usr/share/payloadsallthethings/Upload Insecure Files/Picture Resize/exploit_PNG_110x110.php usr/share/payloadsallthethings/Upload Insecure Files/README.md usr/share/payloadsallthethings/Upload Insecure Files/Server Side Include usr/share/payloadsallthethings/Upload Insecure Files/Server Side Include/exec.shtml usr/share/payloadsallthethings/Upload Insecure Files/Server Side Include/include.shtml usr/share/payloadsallthethings/Upload Insecure Files/Server Side Include/index.stm usr/share/payloadsallthethings/Web Cache Deception usr/share/payloadsallthethings/Web Cache Deception/Intruders usr/share/payloadsallthethings/Web Cache Deception/Intruders/param_miner_lowercase_headers.txt usr/share/payloadsallthethings/Web Cache Deception/README.md usr/share/payloadsallthethings/Web Sockets usr/share/payloadsallthethings/Web Sockets/Files usr/share/payloadsallthethings/Web Sockets/Files/ws-harness.py usr/share/payloadsallthethings/Web Sockets/Images usr/share/payloadsallthethings/Web Sockets/Images/WebsocketHarness.jpg usr/share/payloadsallthethings/Web Sockets/Images/sqlmap.png usr/share/payloadsallthethings/Web Sockets/Images/websocket-harness-start.png usr/share/payloadsallthethings/Web Sockets/README.md usr/share/payloadsallthethings/XPATH Injection usr/share/payloadsallthethings/XPATH Injection/README.md usr/share/payloadsallthethings/XSS Injection usr/share/payloadsallthethings/XSS Injection/Files usr/share/payloadsallthethings/XSS Injection/Files/"><img src=x onerror=alert(document.cookie);.jpg usr/share/payloadsallthethings/XSS Injection/Files/"><svg onload=alert(1)> usr/share/payloadsallthethings/XSS Injection/Files/'><svg onload=alert(1)> usr/share/payloadsallthethings/XSS Injection/Files/InsecureFlashFile.swf usr/share/payloadsallthethings/XSS Injection/Files/JupyterNotebookXSS.ipynb usr/share/payloadsallthethings/XSS Injection/Files/SVG_XSS.svg usr/share/payloadsallthethings/XSS Injection/Files/SVG_XSS1.svg usr/share/payloadsallthethings/XSS Injection/Files/SVG_XSS2.svg usr/share/payloadsallthethings/XSS Injection/Files/SVG_XSS3.svg usr/share/payloadsallthethings/XSS Injection/Files/SWF_XSS.swf usr/share/payloadsallthethings/XSS Injection/Files/XML_XSS_cheatsheet.html usr/share/payloadsallthethings/XSS Injection/Files/xml.xsd usr/share/payloadsallthethings/XSS Injection/Files/xss.cer usr/share/payloadsallthethings/XSS Injection/Files/xss.dtd usr/share/payloadsallthethings/XSS Injection/Files/xss.htm usr/share/payloadsallthethings/XSS Injection/Files/xss.html.demo usr/share/payloadsallthethings/XSS Injection/Files/xss.hxt usr/share/payloadsallthethings/XSS Injection/Files/xss.mno usr/share/payloadsallthethings/XSS Injection/Files/xss.rdf usr/share/payloadsallthethings/XSS Injection/Files/xss.svgz usr/share/payloadsallthethings/XSS Injection/Files/xss.vml usr/share/payloadsallthethings/XSS Injection/Files/xss.wsdl usr/share/payloadsallthethings/XSS Injection/Files/xss.xht usr/share/payloadsallthethings/XSS Injection/Files/xss.xhtml usr/share/payloadsallthethings/XSS Injection/Files/xss.xml usr/share/payloadsallthethings/XSS Injection/Files/xss.xsd usr/share/payloadsallthethings/XSS Injection/Files/xss.xsf usr/share/payloadsallthethings/XSS Injection/Files/xss.xsl usr/share/payloadsallthethings/XSS Injection/Files/xss.xslt usr/share/payloadsallthethings/XSS Injection/Files/xss_comment_exif_metadata_double_quote.png usr/share/payloadsallthethings/XSS Injection/Files/xss_comment_exif_metadata_single_quote.png usr/share/payloadsallthethings/XSS Injection/Images usr/share/payloadsallthethings/XSS Injection/Images/DwrkbH1VAAErOI2.jpg usr/share/payloadsallthethings/XSS Injection/Intruders usr/share/payloadsallthethings/XSS Injection/Intruders/BRUTELOGIC-XSS-JS.txt usr/share/payloadsallthethings/XSS Injection/Intruders/BRUTELOGIC-XSS-STRINGS.txt usr/share/payloadsallthethings/XSS Injection/Intruders/IntrudersXSS.txt usr/share/payloadsallthethings/XSS Injection/Intruders/JHADDIX_XSS.txt usr/share/payloadsallthethings/XSS Injection/Intruders/MarioXSSVectors.txt usr/share/payloadsallthethings/XSS Injection/Intruders/RSNAKE_XSS.txt usr/share/payloadsallthethings/XSS Injection/Intruders/XSSDetection.txt usr/share/payloadsallthethings/XSS Injection/Intruders/XSS_Polyglots.txt usr/share/payloadsallthethings/XSS Injection/Intruders/jsonp_endpoint.txt usr/share/payloadsallthethings/XSS Injection/Intruders/xss_alert.txt usr/share/payloadsallthethings/XSS Injection/Intruders/xss_payloads_quick.txt usr/share/payloadsallthethings/XSS Injection/Intruders/xss_swf_fuzz.txt usr/share/payloadsallthethings/XSS Injection/README.md usr/share/payloadsallthethings/XSS Injection/XSS in Angular.md usr/share/payloadsallthethings/XSS Injection/XSS with Relative Path Overwrite.md usr/share/payloadsallthethings/XXE Injection usr/share/payloadsallthethings/XXE Injection/Files usr/share/payloadsallthethings/XXE Injection/Files/Classic XXE - etc passwd.xml usr/share/payloadsallthethings/XXE Injection/Files/Classic XXE B64 Encoded.xml usr/share/payloadsallthethings/XXE Injection/Files/Classic XXE.xml usr/share/payloadsallthethings/XXE Injection/Files/Deny Of Service - Billion Laugh Attack usr/share/payloadsallthethings/XXE Injection/Files/XXE OOB Attack (Yunusov, 2013).xml usr/share/payloadsallthethings/XXE Injection/Files/XXE PHP Wrapper.xml usr/share/payloadsallthethings/XXE Injection/Intruders usr/share/payloadsallthethings/XXE Injection/Intruders/XXE_Fuzzing.txt usr/share/payloadsallthethings/XXE Injection/Intruders/xml-attacks.txt usr/share/payloadsallthethings/XXE Injection/README.md usr/share/payloadsallthethings/YOUTUBE.md usr/share/payloadsallthethings/_template_vuln usr/share/payloadsallthethings/_template_vuln/README.md