Anton Lopanitsyn
|
200a2d38d8
|
Fix fake xss
Actually, is not XSS.
Running scripts like <a href="data:text/html,<script>alert(location.origin)</script>">clickme</a> have location.origin "null".
|
2019-02-11 09:34:13 +03:00 |
|
Swissky
|
22c82cb277
|
Merge pull request #35 from noraj/patch-1
XSS using base64 encoded href data in a link
|
2019-01-17 19:54:37 +01:00 |
|
Swissky
|
0070ac5dc4
|
Phar PHP shell files
|
2019-01-10 22:36:30 +01:00 |
|
Alexandre ZANNI
|
c7a292c19d
|
XSS using base64 encoded href data in a link
|
2019-01-10 18:24:43 +01:00 |
|
Swissky
|
ea0bddc18a
|
Windows RCE wildcard + XSS UI redressing
|
2019-01-08 20:49:05 +01:00 |
|
Swissky
|
8b39647de6
|
AWS S3 and Open redirect rewritten
|
2018-12-29 13:05:29 +01:00 |
|
Swissky
|
82d4ff6c1d
|
References added based on @ngalongc bug-bounty-references
|
2018-12-25 16:10:15 +01:00 |
|
Swissky
|
a6475a19d9
|
Adding references sectio
|
2018-12-24 15:02:50 +01:00 |
|
Swissky
|
b4aff1a826
|
Architecture - Files/Intruder/Images and README + template
|
2018-12-23 00:45:45 +01:00 |
|
Swissky
|
928a454531
|
Blind XSS endpoint + SSRF Google + Nmap subdomains
|
2018-11-25 15:44:17 +01:00 |
|
Swissky
|
a0f8e846fa
|
Blind XSS - XSS Hunter, Sleepy Puppy etc
|
2018-11-18 15:37:01 +01:00 |
|
omer citak
|
081df9b24d
|
add new attack patterns from Daniel miessler
https://github.com/danielmiessler/SecLists/edit/master/Fuzzing/Polyglots/XSS-Polyglots.txt
new attack patterns: line 1, 2, 3.
|
2018-11-16 14:45:51 +03:00 |
|
Swissky
|
af9abc6592
|
More CVE - RCE : Jenkins, JBoss, WebLogic, WebSphere
|
2018-11-15 23:13:08 +01:00 |
|
Swissky
|
ddfdc51e68
|
Credit fix - WAF bypass
|
2018-11-09 12:43:30 +01:00 |
|
Swissky
|
86db6b7f6f
|
Polyglot XSS from @filedescriptor's Polyglot Challenge
|
2018-10-31 23:41:11 +01:00 |
|
Swissky
|
4b7fe437a5
|
LDAP userPassword attribute
|
2018-10-31 22:34:10 +01:00 |
|
Swissky
|
add00c7357
|
JWT JSON Web Token + SSI files
|
2018-10-29 22:22:10 +01:00 |
|
Swissky
|
f1eefd2722
|
Script Docker RCE
|
2018-10-18 17:32:01 +02:00 |
|
Swissky
|
cce0444245
|
SQL injection - Intruders payloads
|
2018-09-21 18:44:32 +02:00 |
|
Swissky
|
2a080f82e6
|
Cassandra SQL + XSS MD + PHP Type Juggling
|
2018-09-10 20:40:43 +02:00 |
|
Swissky
|
90f4c3634e
|
PDF JS
|
2018-09-06 20:28:30 +02:00 |
|
Swissky
|
64e577b650
|
CSP bypass fix link
|
2018-09-01 15:38:57 +02:00 |
|
Swissky
|
fe52b32af8
|
XSS CSP Bypass + PostgreSQL read/write
|
2018-09-01 15:36:33 +02:00 |
|
Swissky
|
cfbe1a4469
|
SSRF Docker & Kubernetes
|
2018-08-19 16:32:26 +02:00 |
|
Swissky
|
e11339e669
|
Markdown formatting - Part 3
|
2018-08-13 13:07:37 +02:00 |
|
Swissky
|
b87e14a0ed
|
Markdown formatting - Part 2
|
2018-08-13 12:01:13 +02:00 |
|
Swissky
|
65654f81a4
|
Markdown formatting update
|
2018-08-12 23:30:22 +02:00 |
|
Swissky
|
177c12cb79
|
Multiple update in READMEs + RCE tricks
|
2018-08-12 00:17:58 +02:00 |
|
Swissky
|
644724396f
|
LaTeX display code + XSS location alternative
|
2018-08-01 21:19:18 +02:00 |
|
Isopach
|
8e26277407
|
Update README.md
Correct misspelling
|
2018-07-31 18:02:38 +09:00 |
|
Swissky
|
4a0fc27578
|
XSS Colors highlighting + JS code eval
|
2018-06-27 20:00:17 +02:00 |
|
Swissky
|
e6b5dfa3de
|
Fix README broken links
|
2018-03-25 23:51:22 +02:00 |
|
Swissky
|
d1f6e8397d
|
Refactoring XSS 0/?
|
2018-03-23 13:53:53 +01:00 |
|
Swissky
|
30019235f8
|
SQLmap tips + Active Directory attacks + SQLite injections
|
2018-03-12 09:17:31 +01:00 |
|
Swissky
|
70f38d5678
|
Payloads - Quick fix
|
2018-02-23 13:48:51 +01:00 |
|
Swissky
|
b87c3fd7ff
|
Traversal Dir + NoSQL major updates + small addons
|
2018-02-15 23:27:42 +01:00 |
|
Swissky
|
fea88a5738
|
SVG XSS + SSRF enclosed alphanumerics
|
2017-11-19 14:01:36 +01:00 |
|
Swissky
|
edd5f3601f
|
File inclusion - more intruders
|
2017-10-21 16:48:17 +02:00 |
|
Swissky
|
1ca215d5d7
|
Multiple update - LFI/RCE via phpinfo, Struts2 v2
|
2017-09-13 23:55:29 +02:00 |
|
Rakesh Mane
|
6e42b617cc
|
Update README.md
|
2017-08-07 21:22:36 +05:30 |
|
Swissky
|
dad26ce5e5
|
More Burp Intruder file - SQLi + Path traversal + XSS
|
2017-08-06 01:12:41 +02:00 |
|
Swissky
|
8a3693855f
|
XSS Intruder + Eicar + SSRF http://0
|
2017-07-30 13:17:00 +02:00 |
|
Swissky
|
064467ecfc
|
SSTI + XSS Flash
|
2017-07-16 16:30:08 +02:00 |
|
Swissky
|
94470a2544
|
More payloads for XSS/SQL/LFI/Upload and XXE
|
2017-06-04 17:22:26 +02:00 |
|
Swissky
|
eecfc69c08
|
XSS Payload - bypass document blacklisted keyword
|
2017-03-02 17:39:15 +01:00 |
|
Swissky
|
23f00b55d5
|
Update SQL injection with Information.schema alternatives
|
2017-02-06 09:50:13 +01:00 |
|
Swissky
|
c9e13fcc36
|
XSS Unicode update
|
2017-01-21 15:38:47 +01:00 |
|
swisskyrepo
|
b01c249da8
|
Update XSS with AngularJS Bypass 1.1.0 to 1.6.0
|
2017-01-15 19:14:39 +01:00 |
|
swisskyrepo
|
bb238f7301
|
Minor Updates in SQL-SSRF-XSS
|
2017-01-07 20:51:47 +01:00 |
|
swisskyrepo
|
14a82a14a4
|
Methodo, SQL,RCE,XSS,XXE updated
|
2016-12-20 19:46:06 +01:00 |
|