[OWASP-Bangalore] Payloads for manual pen test

us1903 sharu89 at gmail.com
Mon Mar 18 10:21:40 UTC 2013

If you are just looking for payloads and attack vectors then I'm guessing
you are fuzzing.

Here's OWASP list for fuzz testing:

For SQL injection:

There are some cheatsheets on: *ha*.*ckers*.org

Do a web search with <attack name> cheatsheet...you will find many :)


On Mon, Mar 18, 2013 at 3:33 PM, Kannan, Vinod K <
vinod.k.kannan at jpmorgan.com> wrote:

>   Hi all,****
> ** **
> I need a list of payloads that can be used during a manual web pen test.
> For example I looking for use cases like ‘OR 1=1’ that we type in to check
> for SQL injections vulnerabilities. I need the whole list of usages like
> this for various vulnerabilities. Any help is highly appreciated.****
> ** **
> Regards,****
> Vinod  ****
> This email is confidential and subject to important disclaimers and
> conditions including on offers for the purchase or sale of securities,
> accuracy and completeness of information, viruses, confidentiality, legal
> privilege, and legal entity disclaimers, available at
> http://www.jpmorgan.com/pages/disclosures/email.
> _______________________________________________
> OWASP-Bangalore mailing list
> OWASP-Bangalore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-bangalore/attachments/20130318/475200b4/attachment.html>

More information about the OWASP-Bangalore mailing list