https://github.com/payloadbox/command-injection-payload-list

https://support.portswigger.net/customer/portal/articles/2590661-using-burp-to-test-for-os-command-injection-vulnerabilities

https://www.hackerone.com/ethical-hacker/how-command-injections

https://book.hacktricks.xyz/pentesting-web/command-injection