Commit Graph

1035 Commits

Author SHA1 Message Date
Alexandre ZANNI
a1eb693270
routed injection in ToC 2018-09-20 23:52:07 +02:00
Swissky
7a80647e63 Raw MD5 SQL injection + SSH Konami Code 2018-09-10 23:12:29 +02:00
Swissky
2a080f82e6 Cassandra SQL + XSS MD + PHP Type Juggling 2018-09-10 20:40:43 +02:00
Swissky
90f4c3634e PDF JS 2018-09-06 20:28:30 +02:00
Swissky
beb0ce8c54 Linux Persistence + WebLogic RCE 2018-09-03 18:41:05 +02:00
Swissky
011baa7321
Merge pull request #22 from cclauss/patch-1
Use octal numbers that work in both Python 2 and 3
2018-09-02 15:57:48 +02:00
cclauss
d642980f8c
Use octal numbers that work in both Python 2 and 3
python2 -c "print(0777 << 16L == 0o777 << 16)"  # True
2018-09-02 14:09:55 +02:00
Swissky
d847e2e6bb
Merge pull request #21 from cclauss/patch-1
import string in uploadlfi.py
2018-09-02 13:54:45 +02:00
cclauss
150110a96c
import string in uploadlfi.py
__string__ is used twice on line 13 but it is never imported.
2018-09-02 13:24:35 +02:00
Swissky
64e577b650 CSP bypass fix link 2018-09-01 15:38:57 +02:00
Swissky
fe52b32af8 XSS CSP Bypass + PostgreSQL read/write 2018-09-01 15:36:33 +02:00
Swissky
c38adaded3 CVE Apache Struts + XSS in Python Notebook 2018-08-28 18:48:26 +02:00
Swissky
2a54753d11
Merge pull request #20 from developersatyendra/master
latest Apache struts CVE 2018 exploit added
2018-08-28 18:37:17 +02:00
developersatyendra
e2bd481882
Rename ApacheStrutsV3.py to ApacheStrutsV3-2018.py 2018-08-28 03:15:10 -04:00
developersatyendra
72e73e38c2
Created ApacheStrutsV3.py
added latest apache struts exploit which is written by @s1kr10s
2018-08-28 03:14:40 -04:00
Swissky
f612a91bb5 LFI via Upload (race condition) + Network Pivot nmap 2018-08-26 15:43:26 +02:00
Swissky
b2faf8c747 SSRF bugfix picture 2018-08-23 19:16:38 +02:00
Swissky
2b7acbc493 SSRF - Bad Parsers 2018-08-23 19:15:15 +02:00
Swissky
0c707c4188 ImageTragick v2 + Angular 1.6+ XSS 2018-08-22 21:42:25 +02:00
Swissky
fe7314444c Phar Wrapper - "unserialize" 2018-08-19 18:47:32 +02:00
Swissky
cfbe1a4469 SSRF Docker & Kubernetes 2018-08-19 16:32:26 +02:00
Swissky
e11339e669 Markdown formatting - Part 3 2018-08-13 13:07:37 +02:00
Swissky
b87e14a0ed Markdown formatting - Part 2 2018-08-13 12:01:13 +02:00
Swissky
65654f81a4 Markdown formatting update 2018-08-12 23:30:22 +02:00
Swissky
177c12cb79 Multiple update in READMEs + RCE tricks 2018-08-12 00:17:58 +02:00
Swissky
b20cdde4d9 Adding soffensive's windowsblindread file 2018-08-03 17:56:29 +02:00
Swissky
644724396f LaTeX display code + XSS location alternative 2018-08-01 21:19:18 +02:00
Swissky
dcc5ebd3b6 Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings 2018-07-31 19:23:13 +02:00
Swissky
ce1096830d
Merge pull request #19 from Isopach/Isopach-patch-1
Update README.md
2018-07-31 13:28:31 +02:00
Isopach
8e26277407
Update README.md
Correct misspelling
2018-07-31 18:02:38 +09:00
Swissky
4e1077c25e Weblogic RCE CVE 2018 2894 2018-07-26 19:15:53 +02:00
Swissky
6524c8e544 LaTex injection - typo language markdown 2018-07-22 22:39:37 +02:00
Swissky
15891b3ab4 LaTeX injection + RCE bypass with backslash 2018-07-22 22:35:46 +02:00
Swissky
93f4bbb19e AD BloodHound + AD Relationship + SSRF Digital Ocean 2018-07-15 11:06:43 +02:00
Swissky
4b093d12fb PHP Object serialization + README update 2018-07-09 19:49:56 +02:00
Swissky
cdc3adee51 PassTheTicket + OpenShare + Tools(CME example) 2018-07-08 20:03:40 +02:00
Swissky
4cf28496e0 Beer contributing 2018-07-07 12:48:02 +02:00
Swissky
abd3c565da Coffee contributing 2018-07-07 12:45:32 +02:00
Swissky
76aefd9da2 Path traversal refactor + AD cme module msf/empire + IIS web.config 2018-07-07 12:04:55 +02:00
Swissky
4a0fc27578 XSS Colors highlighting + JS code eval 2018-06-27 20:00:17 +02:00
Swissky
a7439d812d Windows port forwarding - Netsh 2018-06-09 18:56:19 +02:00
Swissky
4ad7c70e89 SSRF to XSS + Retail account Windows 2018-06-06 00:05:28 +02:00
Swissky
8eb6cb80f9 GPP decrypt + SSRF url for cloud providers 2018-05-27 22:27:31 +02:00
Swissky
e261836532 Windows PrivEsc + SQLi second order + AD DiskShadow 2018-05-20 22:10:33 +02:00
Swissky
f1cb7ce50e SQL Cheatsheets - Refactoring part 1 2018-05-16 23:33:14 +02:00
Swissky
81eebeaea2 AD - Ropnop Tricks 2018-05-08 22:11:36 +02:00
Swissky
6a39f25661 AD - refactor part 4 (link and src) 2018-05-06 19:07:34 +02:00
Swissky
c5bbe88372 AD - refactor part3 2018-05-05 23:11:17 +02:00
Swissky
1feccf84cb AD refactor - Part 2 : summary 2018-05-05 17:41:04 +02:00
Swissky
6869c399d5 AD refactoring part1 2018-05-05 17:32:19 +02:00