XSS

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/xss.md

• https://github.com/payloadbox/xss-payload-list

• https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/XSS%20Injection/README.md

SQLi

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/sqli.md

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/SQL%20Injection

SSRF

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/ssrf.md

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Server%20Side%20Request%20Forgery

CRLF

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/crlf.md

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/CRLF%20Injection

CSV

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/csv-injection.md

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/CSV%20Injection

Command Injection

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Command%20Injection

Directory traversal

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Directory%20Traversal

LFI

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/lfi.md

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/File%20Inclusion

XXE

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/xxe.md

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XXE%20Injection

Open redirect

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/open-redirect.md

RCE

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/rce.md

Crypto

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/crypto.md

Template

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/template-injection.md

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Server%20Side%20Template%20Injection

XSLT

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/xslt.md

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XSLT%20Injection

Content

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/content-injection.md

LDAP

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/LDAP%20Injection

NoSQLi

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/NoSQL%20Injection

GraphQL

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/GraphQL%20Injection

CSRF

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/CSRF%20Injection

IDOR

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Insecure%20Direct%20Object%20References

ISCM

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Insecure%20Source%20Code%20Management

LaTex

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Insecure%20Source%20Code%20Management

OAuth

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/OAuth

XPATH

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XPATH%20Injection

CORS

• https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/cors.md

• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/CORS%20Misconfiguration