Swissky
|
86e246dd03
|
Prototype Pollution
|
2023-07-07 23:10:33 +02:00 |
|
Swissky
|
0a75beeccd
|
Merge pull request #652 from clem9669/master
Update README.md for Latex injection
|
2023-06-29 12:27:22 +02:00 |
|
clem9669
|
fa3cf25c55
|
Update README.md
|
2023-06-29 10:19:14 +00:00 |
|
Swissky
|
f723ef4878
|
Merge pull request #651 from JLLeitschuh/patch-3
Add new AWS IPv6 SSRF Endpoint
|
2023-06-29 10:59:10 +02:00 |
|
Swissky
|
9711417161
|
Update README.md
|
2023-06-29 10:59:02 +02:00 |
|
Swissky
|
a8161ef48c
|
Merge pull request #650 from Xhoenix/master
update ssrf payloads
|
2023-06-29 10:41:31 +02:00 |
|
Jonathan Leitschuh
|
bb3f865e10
|
Add new AWS IPv6 SSRF Endpoint
Documentation: https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/instancedata-data-retrieval.html
|
2023-06-28 18:51:53 -04:00 |
|
Jitendra Patro
|
384f54af54
|
Merge branch 'swisskyrepo:master' into master
|
2023-06-28 15:51:00 +05:30 |
|
Jitendra Patro
|
391b18cf20
|
update bypass localhost with [::] payloads
|
2023-06-28 15:50:43 +05:30 |
|
Swissky
|
70396ec71d
|
Merge pull request #649 from MotiHarmats/patch-1
Add CI/CD payloads
|
2023-06-28 10:26:10 +02:00 |
|
Swissky
|
ec11a14e4e
|
Merge pull request #648 from mpgn/master
Use new offical CME repository
|
2023-06-28 10:18:55 +02:00 |
|
MotiHarmats
|
de8d4796af
|
Add CI/CD payloads
|
2023-06-28 11:15:58 +03:00 |
|
mpgn
|
35b0d672f0
|
Use new offical CME repository
|
2023-06-28 10:12:15 +02:00 |
|
Swissky
|
113afae290
|
AWS EC2 Metadata + SSSD token deobfuscate
|
2023-06-27 15:45:29 +02:00 |
|
Swissky
|
5ddd8e04da
|
MSSQL - Stacked Queries Delimiters
|
2023-06-25 00:02:54 +02:00 |
|
Swissky
|
e9c1ce1c09
|
AWS Key Patterns
|
2023-06-22 19:03:06 +02:00 |
|
Swissky
|
fc36b38430
|
DOM Clobbering
|
2023-06-10 20:08:23 +02:00 |
|
Swissky
|
726de9e9b2
|
Merge pull request #645 from azurit/ssrflocalhost
SSRF: bypass using IPv6/IPv4 Address Embedding
|
2023-06-09 10:48:54 +02:00 |
|
Swissky
|
10df57a531
|
Type Juggling
|
2023-06-09 10:46:54 +02:00 |
|
Swissky
|
de6e91657d
|
Type Juggling - Loose Comparison and Exploit
|
2023-06-09 10:45:45 +02:00 |
|
Swissky
|
f0d02d2414
|
Merge pull request #647 from noraj/patch-1
xxe - go secure workshop
|
2023-06-08 11:09:10 +02:00 |
|
Swissky
|
aba6f1e731
|
Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings
|
2023-06-08 11:07:39 +02:00 |
|
Swissky
|
93fa4df7cd
|
Prompt Injection
|
2023-06-08 11:06:37 +02:00 |
|
Alexandre ZANNI
|
3e8a39a87d
|
xxe - go secure workshop
|
2023-06-08 10:14:35 +02:00 |
|
Swissky
|
e17b6e1ac4
|
Merge pull request #646 from NaxnN/patch-1
Update SSTI README.md
|
2023-06-07 09:46:59 +02:00 |
|
KeoOp
|
598d2ca3fa
|
Update README.md
|
2023-06-07 14:15:07 +08:00 |
|
Swissky
|
b8c803717a
|
WDAC Policy Removal + SSRF domains
|
2023-05-31 14:18:25 +02:00 |
|
azurit
|
226569b753
|
Update README.md
|
2023-05-21 14:54:42 +02:00 |
|
Swissky
|
f85f2cb4c6
|
Merge pull request #644 from rdbo/patch-1
Fixed typos on README.md
|
2023-05-18 13:32:58 +02:00 |
|
Rdbo
|
83b2d80a56
|
fixed typos
|
2023-05-18 01:58:36 +00:00 |
|
Swissky
|
0a07e07d00
|
Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings
|
2023-05-15 19:23:58 +02:00 |
|
Swissky
|
6adfe5d865
|
GraphQL Batching Attacks
|
2023-05-15 19:23:07 +02:00 |
|
Swissky
|
af4ade2a44
|
Merge pull request #643 from p0dalirius/patch-2
SSTI / jinja2 : Removed dot in lipsum.__globals__.["os"]
|
2023-05-09 20:16:05 +02:00 |
|
Rémi GASCOU (Podalirius)
|
b3f98adf0c
|
SSTI / jinja2 : Removed dot in lipsum.__globals__.["os"]
|
2023-05-09 20:15:02 +02:00 |
|
Swissky
|
8d2c30e969
|
Merge pull request #642 from p0dalirius/patch-1
Adding Jinja2 RCE through lipsum in Templates
|
2023-05-09 18:58:57 +02:00 |
|
Rémi GASCOU (Podalirius)
|
9c2b040242
|
Adding Jinja2 RCE through lipsum in Templates
|
2023-05-09 18:34:35 +02:00 |
|
Swissky
|
5af6a23a2e
|
DPAPI LocalMachine + BitLocker
|
2023-05-08 17:08:25 +02:00 |
|
Swissky
|
0dd92aa89d
|
Merge pull request #640 from m3dsec/patch-2
Add Kerberos CVE-2022-33679 (RC4 Is Still Considered Harmful)
|
2023-05-08 16:22:30 +02:00 |
|
m3dsec
|
8156f495fb
|
Add Kerberos CVE-2022-33679 (RC4 Is Still Considered Harmful)
|
2023-04-30 21:45:33 +01:00 |
|
Swissky
|
55df53105e
|
Merge pull request #639 from TomWilford/master
Added Twig 'passthru' filter exploits
|
2023-04-28 16:24:20 +02:00 |
|
Tom Wilford
|
c1dc141e13
|
Added 'passthru' filter exploits
|
2023-04-28 14:47:59 +01:00 |
|
Swissky
|
1e66a42bba
|
Merge pull request #638 from ZkClown/master
Add some stuff on Office exec, Network Recon and Active Directory methodo
|
2023-04-20 21:31:23 +02:00 |
|
ZkClown
|
0f4d747913
|
Add injection into AD through ldap signing not required and ldap channel binding disabled
|
2023-04-20 15:38:26 +02:00 |
|
ZkClown
|
8b543c80aa
|
Add network scan with pure bash
|
2023-04-20 15:21:48 +02:00 |
|
ZkClown
|
2a4ce78080
|
Add Office execute WinAPI via VBA
|
2023-04-20 15:00:33 +02:00 |
|
Swissky
|
b0445a7250
|
Merge pull request #637 from ZkClown/master
Add Powerhsell Reflection through Delegate Type and Basic HTML Smuggling
|
2023-04-19 21:51:04 +02:00 |
|
ZkClown
|
47df1695a1
|
Add Powerhsell Reflection through Delegate Type and Basic HTML Smuggling
|
2023-04-19 17:59:10 +02:00 |
|
Swissky
|
e717839fda
|
Merge pull request #635 from MatteoPaier/fix-param-pollution-golang
Fixed Golang net/http param pollution outcome
|
2023-04-14 17:48:01 +02:00 |
|
Swissky
|
6861c46fcd
|
MySQL MSSQL Oracle SQL Update
|
2023-04-14 17:45:45 +02:00 |
|
Matteo Paier
|
c3f5da6014
|
Fixed Golang net/http param pollution outcome
|
2023-04-14 14:41:35 +02:00 |
|