https://github.com/payloadbox/command-injection-payload-list
https://support.portswigger.net/customer/portal/articles/2590661-using-burp-to-test-for-os-command-injection-vulnerabilities
https://www.hackerone.com/ethical-hacker/how-command-injections
https://book.hacktricks.xyz/pentesting-web/command-injection