Payload

A payload is a piece of code or data that will cause arbitrary actions on part of the vulnerable application.

• An XSS payload is written in specially-crafted HTML or JavaScript.

(Compatibility limited by browser)

• A SQL injection payload is usually written in specially-crafted SQL statements.

(Compatibility limited by SQL server version)

• A buffer overflow payload is typically specially-crafted machine code, otherwise known as shellcode.

(Compatibility limited by processor architecture)