Swissky
|
8c09568cb2
|
Regex + SSRF
|
2024-11-30 19:48:32 +01:00 |
|
Swissky
|
a338b2f12a
|
Normalize page header for SSTI, SAML, SSI
|
2024-11-10 19:14:16 +01:00 |
|
Swissky
|
df8d4d7f27
|
References updated for SAML, SSI, SSRF
|
2024-11-07 18:31:21 +01:00 |
|
Swissky
|
11d1704f42
|
Merge pull request #730 from Horlad/master
Adding r3dir tool to SSRF README.md
|
2024-11-02 15:20:09 +01:00 |
|
Swissky
|
541d89be64
|
Fix broken pictures
|
2024-09-13 21:59:29 +02:00 |
|
Horlad
|
b521dedb24
|
Adding r3dir tool to SSRF README.md
|
2024-06-27 17:01:41 +02:00 |
|
Horlad
|
4cf17a3fab
|
Update SSRF with redirect examples using r3dir README.md
|
2024-06-27 16:57:45 +02:00 |
|
Swissky
|
314e4da963
|
SSRF DNS AXFR + LFI PHAR payloads + LFI iconv
|
2024-06-16 21:17:42 +02:00 |
|
bsysop
|
dc461f170e
|
Adding "Hetzner Cloud" to the Summary
|
2024-04-05 11:55:54 -03:00 |
|
bsysop
|
3c9fdec3da
|
Adding Hetzner Cloud Metadata URL
https://docs.hetzner.cloud/#server-metadata
|
2024-04-04 23:43:34 -03:00 |
|
Dwi Siswanto
|
63379b9291
|
feat(SSRF): add tool
|
2023-08-25 16:34:45 +07:00 |
|
Swissky
|
f723ef4878
|
Merge pull request #651 from JLLeitschuh/patch-3
Add new AWS IPv6 SSRF Endpoint
|
2023-06-29 10:59:10 +02:00 |
|
Swissky
|
9711417161
|
Update README.md
|
2023-06-29 10:59:02 +02:00 |
|
Jonathan Leitschuh
|
bb3f865e10
|
Add new AWS IPv6 SSRF Endpoint
Documentation: https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/instancedata-data-retrieval.html
|
2023-06-28 18:51:53 -04:00 |
|
Jitendra Patro
|
384f54af54
|
Merge branch 'swisskyrepo:master' into master
|
2023-06-28 15:51:00 +05:30 |
|
Jitendra Patro
|
391b18cf20
|
update bypass localhost with [::] payloads
|
2023-06-28 15:50:43 +05:30 |
|
Swissky
|
113afae290
|
AWS EC2 Metadata + SSSD token deobfuscate
|
2023-06-27 15:45:29 +02:00 |
|
Swissky
|
e9c1ce1c09
|
AWS Key Patterns
|
2023-06-22 19:03:06 +02:00 |
|
Swissky
|
726de9e9b2
|
Merge pull request #645 from azurit/ssrflocalhost
SSRF: bypass using IPv6/IPv4 Address Embedding
|
2023-06-09 10:48:54 +02:00 |
|
Swissky
|
b8c803717a
|
WDAC Policy Removal + SSRF domains
|
2023-05-31 14:18:25 +02:00 |
|
azurit
|
226569b753
|
Update README.md
|
2023-05-21 14:54:42 +02:00 |
|
Swissky
|
514ac98dac
|
SSRF + XSS details + XXE BOM
|
2022-12-13 22:29:20 +01:00 |
|
Fabian S. Varon Valencia
|
3822c27634
|
update old url's
|
2022-10-26 20:36:15 -05:00 |
|
Deep Dhakate
|
a670a26eea
|
Update
|
2022-10-02 06:13:01 +00:00 |
|
Swissky
|
fb7f10eab8
|
Merge pull request #485 from ajdumanhug/master
SSRF: Don't encode entire IP
|
2022-09-06 23:15:20 +02:00 |
|
Swissky
|
8d609b1460
|
Update README.md
|
2022-09-06 23:15:12 +02:00 |
|
Tasos T
|
023a3c38e3
|
Added information on 307 and 308 redirects
|
2022-05-19 12:55:11 +03:00 |
|
Swissky
|
b0d05faded
|
TruffleHog examples + Cortex XDR disable
|
2022-04-14 09:42:15 +02:00 |
|
Aj Dumanhug
|
3c441669d8
|
Update README.md
|
2022-03-13 01:30:37 +08:00 |
|
Swissky
|
21b3a0630f
|
Update README.md
|
2021-11-09 13:57:09 +01:00 |
|
Techbrunch
|
a614525b70
|
Replace xip.io by nip.io
xip.io appears to be dead
|
2021-11-09 11:15:44 +01:00 |
|
Swissky
|
c957271453
|
SSRF PDF PhantomJS
|
2021-09-08 12:49:32 +02:00 |
|
clem9669
|
f4053576f4
|
Update SSRF
Adding octal techniques for SSRF.
DEFCON video: https://www.youtube.com/watch?v=_o1RPJAe4kU
|
2021-08-06 15:55:55 +00:00 |
|
Aj Dumanhug
|
78e8bcf136
|
Add AWS SSRF Bypasses
|
2021-06-16 23:42:50 +08:00 |
|
Swissky
|
bd2166027e
|
GMSA Password + Dart Reverse Shell
|
2021-03-24 12:44:35 +01:00 |
|
Swissky
|
8d31b7240b
|
Office Attacks
|
2021-02-21 20:17:57 +01:00 |
|
PwnL0rd
|
bde7fc738c
|
added link in the reference section
|
2020-11-08 12:00:35 +05:30 |
|
security-is-myth
|
f3066722ee
|
update SSRF/README.md with java payloads
|
2020-11-07 22:07:18 +05:30 |
|
security-is-myth
|
08bc3acb05
|
update SSRF/README.md with java payloads
|
2020-11-07 22:03:02 +05:30 |
|
Robbie
|
e8fccb6dd2
|
Update README.md
added 169.254.169.254 decimal
|
2020-10-31 20:19:27 +00:00 |
|
Alex Lauerman
|
d5c1f39c0f
|
Added DNS Rebinding
|
2020-06-21 16:31:16 -05:00 |
|
Alex Lauerman
|
c39c904c9a
|
Moved bypasses under the bypasses section
|
2020-06-21 16:27:32 -05:00 |
|
Alex Lauerman
|
6d37ad9e2e
|
Improved Clarity of ssrf redirect
|
2020-06-21 16:19:15 -05:00 |
|
Swissky
|
ecf29c2cbe
|
Active Directory - Mitigations
|
2020-06-18 11:55:48 +02:00 |
|
bsysop
|
24981f945f
|
metadata.nicob.net not long resolve to metadata IP
```
$ dig +short metadata.nicob.net
...
```
Not resolving
|
2020-06-14 12:08:25 -03:00 |
|
Swissky
|
71ddb449ce
|
Windows Persistence
|
2020-06-01 21:37:32 +02:00 |
|
Swissky
|
4ca5e71c2f
|
Bind shell cheatsheet (Fix #194)
|
2020-05-24 14:09:46 +02:00 |
|
John
|
a5d220d599
|
Added SSRF bypass details
|
2020-05-13 12:19:36 -04:00 |
|
Techbrunch
|
3abf2aff2a
|
Update AWS SSRF tips
Added http://instance-data
|
2020-03-11 15:20:51 +01:00 |
|
Swissky
|
71171fa78b
|
SSRF exploiting WSGI
|
2020-01-05 22:11:28 +01:00 |
|