Payloads All The Things

A list of usefull payloads and bypasses for Web Application Security Feel free to improve with your payloads (I <3 pull requests) :)

To improve:

• RCE
• SQL injection
• XXE
• SSRF
• Upload
• Tar command exec
• Traversal Directory
• XSS
• PHP Include
• CSV Injection
• PHP Serialization