Skip to content
@payload-box

PayloadBox

Attack payloads only.

Popular repositories Loading

  1. xss-payload-list xss-payload-list Public

    This project aims to provide a comprehensive resource for understanding and testing Cross-Site Scripting (XSS) vulnerabilities, one of the OWASP Top 10 security risks. It is designed to be a useful…

    12 2

  2. command-injection-payload-list command-injection-payload-list Public

    Command Injection Payload List

    4 1

  3. sql-injection-payload-list sql-injection-payload-list Public

    The primary goal of this project is to explain SQL Injection (one of the OWASP Top 10 vulnerabilities) and to provide a beneficial resource for the security community.

    PHP 3 3

  4. xxe-injection-payload-list xxe-injection-payload-list Public

    XML External Entity (XXE) Injection Payload List

    2

  5. csv-injection-payload-list csv-injection-payload-list Public

    CSV Injection Payload List

    2

  6. waf-bypass-payload-list waf-bypass-payload-list Public

    WAF Bypass Payload List

    2

Repositories

Showing 10 of 20 repositories
  • ssti-advanced-payload-list Public

    SSTI – Advanced / Polyglot Payloads

    payload-box/ssti-advanced-payload-list’s past year of commit activity
    1 MIT 0 0 0 Updated Jan 24, 2026
  • directory-payload-list Public

    Directory Payload List

    payload-box/directory-payload-list’s past year of commit activity
    1 MIT 0 0 0 Updated Jan 18, 2026
  • open-redirect-payload-list Public

    Open Redirect Payload List

    payload-box/open-redirect-payload-list’s past year of commit activity
    Python 1 MIT 0 0 0 Updated Jan 18, 2026
  • command-injection-payload-list Public

    Command Injection Payload List

    payload-box/command-injection-payload-list’s past year of commit activity
    4 MIT 1 0 0 Updated Jan 18, 2026
  • payload-box Public
    payload-box/payload-box’s past year of commit activity
    0 MIT 0 0 0 Updated Jan 10, 2026
  • protocol-injection-payload-list Public

    Protocol-Level Injection Payloads

    payload-box/protocol-injection-payload-list’s past year of commit activity
    0 MIT 0 0 0 Updated Jan 10, 2026
  • xxe-injection-payload-list Public

    XML External Entity (XXE) Injection Payload List

    payload-box/xxe-injection-payload-list’s past year of commit activity
    2 MIT 0 0 0 Updated Jan 10, 2026
  • http-request-smuggling-payloads Public

    HTTP Request Smuggling Payload List

    payload-box/http-request-smuggling-payloads’s past year of commit activity
    0 MIT 0 0 0 Updated Jan 10, 2026
  • crlf-injection-payload-list Public

    CRLF Injection Payload List

    payload-box/crlf-injection-payload-list’s past year of commit activity
    0 MIT 0 0 0 Updated Jan 10, 2026
  • csv-injection-payload-list Public

    CSV Injection Payload List

    payload-box/csv-injection-payload-list’s past year of commit activity
    2 MIT 0 0 0 Updated Jan 10, 2026
View all repositories

Top languages

Python PHP