Commit Graph

192 Commits

Author SHA1 Message Date
Swissky
e261836532 Windows PrivEsc + SQLi second order + AD DiskShadow 2018-05-20 22:10:33 +02:00
Swissky
f1cb7ce50e SQL Cheatsheets - Refactoring part 1 2018-05-16 23:33:14 +02:00
Swissky
81eebeaea2 AD - Ropnop Tricks 2018-05-08 22:11:36 +02:00
Swissky
6a39f25661 AD - refactor part 4 (link and src) 2018-05-06 19:07:34 +02:00
Swissky
c5bbe88372 AD - refactor part3 2018-05-05 23:11:17 +02:00
Swissky
1feccf84cb AD refactor - Part 2 : summary 2018-05-05 17:41:04 +02:00
Swissky
6869c399d5 AD refactoring part1 2018-05-05 17:32:19 +02:00
Swissky
2dcffadd46 AD - Little fixes and refactor 2018-04-28 19:54:32 +02:00
Swissky
cb3b298451 Oracle SQL + SQL injection updates (MS SQL/MYSQL/ GENERAL) 2018-04-27 23:31:58 +02:00
Swissky
8209d32baf Abstract for methodology 2018-04-23 21:22:11 +02:00
Swissky
54661cbd70 Bugfix - Tables Token/Brand 2018-04-23 20:55:26 +02:00
Swissky
aace268267 Payment functionality - International Tests 2018-04-23 20:45:54 +02:00
Swissky
02484cee00 BUGFIX: API Payment 2018-04-23 18:46:09 +02:00
Swissky
9c5eade544 Update methodology - Bugfix 2018-04-23 18:44:49 +02:00
Swissky
f832022920 Drupalgeddon2 update + Payment API in Methodology 2018-04-23 18:41:59 +02:00
Swissky
39b5e0e122 Drupal exploit 2018-04-17 21:39:26 +02:00
Swissky
f62d466340 Fix Golden Ticket 2018-04-15 16:02:27 +02:00
Swissky
b8fbca3347 AD Attack - Golden Ticket + SQL/OpenRed/SSRF 2018-04-12 23:23:41 +02:00
Swissky
354d94219e
Merge pull request #18 from zer0trip/patch-1
Update README.md
2018-03-28 09:52:53 +02:00
Sean Adams
058fb1e08d
Update README.md
Added OpenVAS to tools
Added Hackers.gg to Online Challenges
Added note regarding Firefox Quantum and Hackbar.
2018-03-27 19:55:14 -04:00
Swissky
040c39ead1
Merge pull request #17 from SeanCodingOnline/patch-1
Update README.md
2018-03-27 19:59:27 +02:00
Sean Adams
b87a2082bd
Update README.md
Correct misspelling.
2018-03-27 12:51:39 -04:00
Swissky
a7f3ebc0ee
Merge pull request #15 from paralax/patch-1
fix markdown formatting, no content changes
2018-03-26 15:57:47 +02:00
jose nazario
8adf5948f9
fix markdown formatting, no content changes 2018-03-26 09:47:44 -04:00
Swissky
e6b5dfa3de Fix README broken links 2018-03-25 23:51:22 +02:00
Swissky
d1f6e8397d Refactoring XSS 0/? 2018-03-23 13:53:53 +01:00
Swissky
30019235f8 SQLmap tips + Active Directory attacks + SQLite injections 2018-03-12 09:17:31 +01:00
Swissky
70f38d5678 Payloads - Quick fix 2018-02-23 13:48:51 +01:00
Swissky
b87c3fd7ff Traversal Dir + NoSQL major updates + small addons 2018-02-15 23:27:42 +01:00
Swissky
40fa20ec63
Merge pull request #13 from soffensive/master
Added payloads to detect more reliably blind NoSQL injection
2018-01-26 20:14:51 +01:00
soffensive
4892dc6577 Further payload added 2018-01-26 13:31:52 +01:00
soffensive
be12684bc0 Added payload to detect more reliably blind NoSQL injection 2018-01-26 13:28:57 +01:00
Swissky
3793d91fd4 Mimikatz + Credential Windows + XXE update 2017-12-06 20:40:29 +01:00
Swissky
2c048f7b52 SSRF Ip script + DDL & Execute Windows 2017-11-24 09:57:48 +01:00
Swissky
fea88a5738 SVG XSS + SSRF enclosed alphanumerics 2017-11-19 14:01:36 +01:00
Swissky
f740d8e825 MySQL - Code exec 2017-11-09 09:05:50 +01:00
Swissky
edd5f3601f File inclusion - more intruders 2017-10-21 16:48:17 +02:00
Swissky
6b1c98010d Merge pull request #10 from melvinsh/master
Add CSRF to OAuth2
2017-10-16 09:55:31 +02:00
Melvin Lammerts
59971e95d2 Add CSRF to OAuth2
Not sure if it qualifies as a _payload_ but I'll let you be the judge of that :)
2017-10-16 08:41:43 +02:00
Swissky
d16aec6f6a Tomcat CVE-2017-12617 2017-10-10 10:19:14 +02:00
Swissky
a2d5fe5cad Upload .htaccess to PHP code exec 2017-10-09 23:17:31 +02:00
Swissky
6ad7965efc SSRF AWS + Shell.php{3,4,5,7} 2017-09-27 14:37:07 +02:00
Swissky
87ef554e40 LFI to RCE via input:// stream 2017-09-24 00:37:56 +02:00
Swissky
3e6043be32 LFI - PHPSessid technique, more bypass and files 2017-09-24 00:32:55 +02:00
Swissky
278a130940 Command Exec - ``, $() and more bypasses 2017-09-23 23:30:40 +02:00
Swissky
e7cb8a2ce1 SSRF - Gopher Protocol 2017-09-19 20:35:18 +02:00
Swissky
1ca215d5d7 Multiple update - LFI/RCE via phpinfo, Struts2 v2 2017-09-13 23:55:29 +02:00
Swissky
c36d31ec5d LFI via /proc/*/fd + upload 2017-08-15 02:37:09 +02:00
Swissky
901d279fb3 RCE no {}, no space 2017-08-13 16:35:12 +02:00
Swissky
9adb81e6d8 SSRF URL Scheme + XXE Soap 2017-08-07 21:42:14 +02:00