#Payload

Showing 60 of 81 repositories tagged #payload, ranked by stars

swisskyrepo
swisskyrepo
PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Score
100
★ 79.0k ⑂ 17.2k +72/day
Python
payloadcms
payloadcms
payload

Payload is the open-source, fullstack Next.js framework, giving you instant backend superpowers. Get a full TypeScript backend and admin panel instantly. Use Payload as a headless CMS or for building powerful applications.

Score
100
★ 43.5k ⑂ 3.9k +13/day
TypeScript
A-poc
A-poc
RedTeam-Tools

Tools and Techniques for Red Team / Penetration Testing

Score
100
★ 9.4k ⑂ 1.3k +173/day
n1nj4sec
n1nj4sec
pupy

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

Score
75
★ 9.0k ⑂ 1.9k
Python
daffainfo
daffainfo
AllAboutBugBounty

All about bug bounty (bypasses, payloads, and etc)

Score
93
★ 6.8k ⑂ 1.3k +14/day
arismelachroinos
arismelachroinos
lscript

The LAZY script will make your life easier, and of course faster.

Score
91
★ 4.3k ⑂ 1.1k
Shell
foospidy
foospidy
payloads

Git All the Payloads! A collection of web attack payloads.

Score
90
★ 4.0k ⑂ 991 +2/day
Shell
nathanlopez
nathanlopez
Stitch

Python Remote Administration Tool (RAT)

Score
25
★ 3.6k ⑂ 709
Python
tiagorlampert
tiagorlampert
CHAOS

:fire: CHAOS is a free and open-source Remote Administration Tool that allow generate binaries to control remote operating systems.

Score
100
★ 2.8k ⑂ 591 +1/day
Go
Voorivex
Voorivex
pentest-guide

Penetration tests guide based on OWASP including test cases, resources and examples.

Score
87
★ 2.8k ⑂ 575 +2/day
ssl
ssl
ezXSS

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

Score
99
★ 2.3k ⑂ 386 +4/day
PHP
MTK911
MTK911
Attiny85

RubberDucky like payloads for DigiSpark Attiny85

Score
81
★ 1.6k ⑂ 405
C++
tokyoneon
tokyoneon
Chimera

Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

Score
79
★ 1.6k ⑂ 255
PowerShell
wgpsec
wgpsec
AboutSecurity

Everything for pentest. | 渗透测试知识库,以 AI Agent 可执行的格式沉淀安全方法论。

Score
97
★ 1.6k ⑂ 228 +21/day
Python
infobyte
infobyte
evilgrade

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.

Score
76
★ 1.3k ⑂ 276
Perl
screetsec
screetsec
Brutal

Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )

Score
75
★ 1.3k ⑂ 285 +1/day
C++
Athena-OS
Athena-OS
athena

Athena OS is a Arch/Nix-based distro focused on Cybersecurity. Learn, practice and enjoy with any hacking tool!

Score
96
★ 1.2k ⑂ 109 +5/day
Vim Script
Puliczek
Puliczek
CVE-2021-44228-PoC-log4j-bypass-words

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Score
72
★ 950 ⑂ 135
Java
sh377c0d3
sh377c0d3
AppSec-Payloads

AppSec Payloads Arsenal for Pentration Tester and Bug Bounty Hunters

Score
94
★ 938 ⑂ 194
PHP
xajkep
xajkep
wordlists

Infosec Wordlists and more.

Score
50
★ 935 ⑂ 245
Python
CodingRanjith
CodingRanjith
hackingtoolkit

ALL IN ONE Hacking Tool For Hackers, Penetration Tester and Cybersecurity. New Version Beginner to Advanced Tool. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !

Score
78
★ 723 ⑂ 108 +3/day
Python
EgeBalci
EgeBalci
HERCULES

HERCULES is a special payload generator that can bypass antivirus softwares.

Score
0
★ 601 ⑂ 154
Go
postrequest
postrequest
link

link is a command and control framework written in rust

Score
0
★ 579 ⑂ 88
Rust
EntySec
EntySec
RomBuster

RomBuster is a router exploitation tool that allows to disclosure network router admin password.

Score
66
★ 555 ⑂ 87 +1/day
Python
HynekPetrak
HynekPetrak
malware-jail

Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js

Score
63
★ 476 ⑂ 97 +1/day
JavaScript
Deadpool2000
Deadpool2000
Paybag

Simple and easy Metasploit payload generator for Linux & Termux

Score
0
★ 459 ⑂ 34
Python
Plazmaz
Plazmaz
LNKUp

Generates malicious LNK file payloads for data exfiltration

Score
59
★ 456 ⑂ 55
Python
3516634930
3516634930
Payloader

渗透测试Payload速查平台 | Pentest Payload Quick Reference | XSS/SQLi/SSRF/RCE | React+TypeScript

Score
88
★ 438 ⑂ 112 +4/day
TypeScript
brandonprry
brandonprry
gray_hat_csharp_code

This repository contains full code examples from the book Gray Hat C#

Score
62
★ 397 ⑂ 123
C#
SecNN
SecNN
AiScan-N

AiScan-N 来了!这是一款基于人工智能驱动的Ai自动化网络安全(运维)工具,专注于网络安全评估、漏洞扫描、运维、应急响应、渗透测试自动化,Ai大模型工具集【CLI Agent】 ,Ai驱动的安全检测技术,提升安全测试(运维)效率,专为企业和个人用户打造,尤其适合初学者(小白)快速上手使用,让你轻松迈入智能安全攻防时代!适用场景 :如(红队演练、CTF比赛、Web应用渗透测试、内网横向移动、密码破解与暴力攻击、流量分析与威胁检测、APT攻击模拟、漏洞赏金挑战等场景)🎥演示视频(文章中):https://mp.weixin.qq.com/s/7lsUdbrxkDy4P5pZhEWv7Q

Score
85
★ 388 ⑂ 43 +5/day
grugnoymeme
grugnoymeme
flipperzero-badUSB

A collection of selected badUSB script for Flipper Zero, written by me. This repo is always Work In Progress.

Score
54
★ 373 ⑂ 20
Shell
Puliczek
Puliczek
CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera

🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337

Score
51
★ 339 ⑂ 32
HTML
UPDOT
UPDOT
payload-auth-plugin

Authentication plugin for Payload CMS

Score
0
★ 303 ⑂ 40 +3/day
TypeScript
ANG13T
ANG13T
payload-wizard

AI assistant that utilizes GPT language models to interpret and generate cybersecurity payloads 🪄

Score
50
★ 284 ⑂ 54
TypeScript
tokyoneon
tokyoneon
Armor

Armor is a simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners.

Score
49
★ 278 ⑂ 56
Shell
FrenchCisco
FrenchCisco
RATel

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

Score
53
★ 277 ⑂ 65
Python
ElJaviLuki
ElJaviLuki
CobaltStrike_OpenBeacon

Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for security professionals and enthusiasts.

Score
47
★ 269 ⑂ 54 +1/day
C
BYTEHACKING-CREATIVE
BYTEHACKING-CREATIVE
SPYBOMB

SPY BOMB is a tool used to generate various payloads for android,windows,ios,mac and many more it is very user friendly tool.

Score
44
★ 260 ⑂ 32
Shell
Athena-OS
Athena-OS
athena-nix

Athena OS Nix configuration files focused on Cybersecurity. Learn, practice and enjoy with any hacking tool!

Score
84
★ 251 ⑂ 31
Nix
yasserbdj96
yasserbdj96
hiphp

The BackDoor of HIPHP gives you the power to control websites based on PHP using HTTP/HTTPS protocol. By sending files, tokens and commands through port 80's POST/GET method, users can access a range of activities such as downloading and editing files. It also allows for connecting to Tor networks with password protection for extra security.

Score
82
★ 215 ⑂ 32
Python
Puliczek
Puliczek
CVE-2021-21123-PoC-Google-Chrome

🐱‍💻 👍 Google Chrome - File System Access API - vulnerabilities reported by Maciej Pulikowski | Total Bug Bounty Reward: $5.000 | CVE-2021-21123 and 5 more...

Score
40
★ 175 ⑂ 24
HTML
tokyoneon
tokyoneon
Arcane

Arcane is a simple script designed to backdoor iOS packages (iphone-arm) and create the necessary resources for APT repositories.

Score
38
★ 155 ⑂ 29
Shell
evyatar9
evyatar9
Writeups

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Score
65
★ 155 ⑂ 16
HTML
DosX-dev
DosX-dev
NET-MalwareCryptor

Legacy OpenSource malware packer for .NET Framework executable files

Score
34
★ 130 ⑂ 6
Visual Basic .NET
payload-box
payload-box
xss-payload-list

This project aims to provide a comprehensive resource for understanding and testing Cross-Site Scripting (XSS) vulnerabilities, one of the OWASP Top 10 security risks. It is designed to be a useful resource for security researchers, penetration testers, and developers.

Score
68
★ 127 ⑂ 15 +3/day
postrequest
postrequest
xeca

PowerShell payload generator

Score
35
★ 120 ⑂ 22
PowerShell
chainski
chainski
ForceAdmin

Collection of script templates to create infinite UAC prompts forcing a user to run as admin ⚠

Score
71
★ 119 ⑂ 19
AutoIt
canarddu38
canarddu38
DUCKSPLOIT

Windows Hacking FrameWork using Reverse Shell

Score
69
★ 111 ⑂ 17
C#
DosX-dev
DosX-dev
DotNET_XorCryptor

A new simple and powerfull packer for malware

Score
29
★ 106 ⑂ 11
Visual Basic .NET
machine1337
machine1337
window-rat

The purpose of this tool is to test the window10 defender protection and also other antivirus protection.

Score
37
★ 95 ⑂ 44
Python
quantumcore
quantumcore
maalik

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

Score
32
★ 94 ⑂ 24
C
bL34cHig0
bL34cHig0
Pentest-Resources-Cheat-Sheets

This repository contains a curated list of websites and repositories featuring pentest & red-team resources such as cheatsheets, write-ups, tools, techniques, programming/scripting notes, and more. I documented them in this repo to provide like-minded offensive security enthusiasts and professionals easy access to these valuable resources.

Score
74
★ 90 ⑂ 20
sexettin78
sexettin78
sexettintool

İçerisinde 100'den fazla modül ve özelliği barındıran çok amaçlı bir siber güvenlik aracı.

Score
28
★ 87 ⑂ 13
Python
hackThacker
hackThacker
advtools

Automated PowerHacker Suite: Your all-in-one solution for ethical hacking. Conduct comprehensive network mapping, vulnerability assessments, password cracking, wireless network analysis, social engineering simulations, and more. Generate real-time reports with actionable insights to identify vulnerabilities and recommend countermeasures.

Score
43
★ 86 ⑂ 6 +1/day
Python
SecNN
SecNN
SecNN-Wiki

Wiki漏洞库管理系统&网络安全知识库-渗透测试常见漏洞知识库文档-该网站收集了Web应用层漏洞、中间件安全缺陷、系统配置不当、移动端(Android)安全问题、权限提升、RCE、网络设备及IOT安全。

Score
0
★ 83 ⑂ 22
syedinsaf
syedinsaf
otaripper

Fast, safe, and reliable Android OTA partition extractor

Score
0
★ 76 ⑂ 9 +1/day
Rust
TheGeekHT
TheGeekHT
Loki.Rat

Loki.Rat is a fork of the Ares RAT, it integrates new modules, like recording , lockscreen , and locate options. Loki.Rat is a Python Remote Access Tool.

Score
31
★ 76 ⑂ 32
Python
R3LI4NT
R3LI4NT
road-to-hacking

¿Quieres empezar en el mundo hacking? En esta revista te enseño a instalar Kali Linux desde cero y a manipular herramientas esenciales en el Hacking Ético.

Score
24
★ 74 ⑂ 4
payload-box
payload-box
sql-injection-payload-list

The primary goal of this project is to explain SQL Injection (one of the OWASP Top 10 vulnerabilities) and to provide a beneficial resource for the security community.

Score
60
★ 72 ⑂ 25 +3/day
PHP
shaadcode
shaadcode
payload-auditor

Payload CMS plugin for event tracking, auditing, and security. Monitor activities and analyze user behavior.

Score
57
★ 70 ⑂ 6
TypeScript
Related Topics
#hacking#penetration-testing#pentesting#security#cybersecurity#pentest#payloads#windows#linux#bugbounty#redteam#exploit

© 2026 GitRepoTrend · GitHub repositories by topic · Updated weekly