Git/mgeeky-Penetration-Testing-Tools
1
0
Fork 0
mirror of https://github.com/mgeeky/Penetration-Testing-Tools.git synced 2025-07-16 13:31:56 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
clouds
file-formats
linux
networks
others
phishing
red-teaming
web
burpContextAwareFuzzer
dirbuster
payloads
README.md
Server-Side-Template-Injections.txt
proxy2
py-collaborator
tomcatWarDeployer
README.md
XXE_payloads
ajax_crawl.js
ajax_crawl2.js
blind-xxe-payload-1.txt
blindxxe.py
burp-curl-beautifier.py
burpCookieToUrl.py
create_mitm_certificate.sh
dummy-web-server.py
http-auth-timing.py
java-XMLDecoder-RCE.md
oRTC-leak-internal-ip.js
padding-oracle-tests.py
pickle-payload.py
post.php
reencode.py
sqlmap-tamper-scripts-evaluation.md
struts-cheatsheet.md
webshell.aspx
webshell.jsp
xml-attacks.md
ysoserial-generator.py
windows
.gitmodules
LICENSE.txt
README.md
4f0d22509289b49fbb37cea7570f41dc27c0ba1c
mgeeky-Penetration-Testing-…/web/payloads
History
Mariusz e74dedab09 Update README.md
2019-01-29 11:24:26 +01:00
..
README.md
Update README.md
2019-01-29 11:24:26 +01:00
Server-Side-Template-Injections.txt
Update Server-Side-Template-Injections.txt
2019-01-29 11:23:43 +01:00

README.md

Web Applications penetration testing related PAYLOADS that are actually useful

  • Server-Side-Template-Injections.txt - Various Server-Side Template Injection static payloads, targeting couple of various templating implementations (also some of the Client-Side ones like in AngularJS). The evaluated expression to look/grep for is: 1868686868 or aaaaaaaaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbbb. Use it with Burp Intruder's Grep functionality, or simply look out for that pattern while hanging around the application. (gist)