Thomas Emerson Glucklich
|
49bc19e992
|
Update README.md
|
2023-11-01 11:32:31 -04:00 |
|
Swissky
|
b8c803717a
|
WDAC Policy Removal + SSRF domains
|
2023-05-31 14:18:25 +02:00 |
|
Swissky
|
14cc88371d
|
WSL + RDP Passwords + MSPaint Escape
|
2023-02-11 17:49:55 +01:00 |
|
Swissky
|
514ac98dac
|
SSRF + XSS details + XXE BOM
|
2022-12-13 22:29:20 +01:00 |
|
Swissky
|
3e9ef2efbe
|
ADFS Golden SAML
|
2022-11-07 10:10:21 +01:00 |
|
Swissky
|
2227472e1c
|
.NET formatters and POP gadgets
|
2022-11-03 21:31:50 +01:00 |
|
Fabian S. Varon Valencia
|
8136e462c2
|
remove old link, I can't find a replacement url
|
2022-10-26 20:36:52 -05:00 |
|
Fabian S. Varon Valencia
|
3822c27634
|
update old url's
|
2022-10-26 20:36:15 -05:00 |
|
Cory Cline
|
a8d8434756
|
Shortened payload
Make payload shorter.
|
2022-10-13 19:48:20 -05:00 |
|
Cory Cline
|
fbed4254e5
|
Fixed an oops
Somehow I deleted line 120 in a prior commit. Fixed.
|
2022-10-13 18:52:07 -05:00 |
|
Cory Cline
|
9ee8f092cd
|
Changed link for document.cookie blacklist
Link was not working due to use of period in title.
|
2022-10-13 18:46:52 -05:00 |
|
Cory Cline
|
9a42be1113
|
Replaced console.log with alert
It's more common to want alert screenshots vs console screenshots.
|
2022-10-13 18:45:55 -05:00 |
|
Cory Cline
|
f23f28c4e2
|
Shortened payload
Shortened the document.cookie blacklist bypass payload.
|
2022-10-13 18:43:54 -05:00 |
|
Cory Cline
|
5d561ea7d6
|
Added document.cookie blacklist bypass
Added an alternative to document.cookie for situations when this text is blacklisted.
|
2022-10-13 18:23:36 -05:00 |
|
clem9669
|
2aa353a5b9
|
Update XSS_Polyglots.txt
Adding the latest BruteLogic polyglot
|
2022-10-05 09:45:15 +00:00 |
|
Deep Dhakate
|
a670a26eea
|
Update
|
2022-10-02 06:13:01 +00:00 |
|
clem9669
|
88134256c8
|
Adding brutelogic polyglot
Adding brutelogic polyglot from blog post.
|
2022-09-13 11:58:10 +00:00 |
|
Swissky
|
d24e3f2d61
|
Merge pull request #497 from kz-cyber/xss/angular-xss-2
[update] Angular XSS payload
|
2022-09-07 00:34:29 +02:00 |
|
its0x08
|
31b213227e
|
fix: Fix more spelling
|
2022-08-09 11:05:40 +02:00 |
|
its0x08
|
fc1f3b25a7
|
fix: Fix spelling
|
2022-08-09 11:02:21 +02:00 |
|
khiemtq-cyber
|
507c493db2
|
Update Angular XSS
|
2022-05-07 12:55:15 +07:00 |
|
idealphase
|
6738f878f3
|
Updated README.md
Added References: Bypassing Signature-Based XSS Filters: Modifying Script Code
|
2022-04-19 10:45:32 +07:00 |
|
idealphase
|
de532030df
|
Merge branch 'swisskyrepo:master' into master
|
2022-04-19 10:43:04 +07:00 |
|
Swissky
|
85a50869f2
|
Merge pull request #482 from khiemtq-cyber/xss/angular-xss-1
[update] Angular XSS payload
|
2022-04-18 21:01:44 +02:00 |
|
Ooggle
|
39d1c6e7d8
|
Add document blacklist bypass
|
2022-04-09 12:55:21 +02:00 |
|
ktq-cyber
|
5d898e004f
|
[update] Angular XSS payload
|
2022-02-23 22:26:16 +07:00 |
|
idealphase
|
e9eac5ca59
|
Update README.md
|
2021-11-10 22:40:40 +07:00 |
|
idealphase
|
6c7df7dc4e
|
Update README.md
Add Bypass dot filter
|
2021-11-10 22:38:02 +07:00 |
|
Philippe Arteau
|
9d30f792d4
|
Remove filename with special characters.
The filename are already covered in `XSS Injection/README.md`
|
2021-10-29 12:56:55 -04:00 |
|
Philippe Arteau
|
16986febde
|
Remove filename with special characters.
The filename are already covered in `XSS Injection/README.md`
|
2021-10-29 12:56:41 -04:00 |
|
Philippe Arteau
|
7443da045a
|
Remove filename with special characters.
The filename are already covered in `XSS Injection/README.md`
|
2021-10-29 12:56:25 -04:00 |
|
Markus
|
7996b4f905
|
Update XSS README.md
Remove unnecessary complexity from CSP bypass payload
|
2021-10-01 16:10:23 +02:00 |
|
Lorenzo Grazian
|
7369ee28b3
|
Added XSS <object> payload
|
2021-09-02 15:14:29 +02:00 |
|
Swissky
|
1e85308ae2
|
Merge pull request #395 from daffainfo/patch-1
Adding Cloudflare XSS payload
|
2021-08-25 22:21:54 +02:00 |
|
Swissky
|
f89597725a
|
Merge pull request #416 from Bort-Millipede/master
Expression Language Injection One-Liners; XSS Payload; Fixed Linux Py…
|
2021-08-25 22:17:53 +02:00 |
|
Alexandre ZANNI
|
4791962be5
|
document.domain, window.origin and console.log usage
|
2021-08-24 20:29:02 +02:00 |
|
Jeffrey Cap
|
9bde75b32d
|
Expression Language Injection One-Liners; XSS Payload; Fixed Linux Python IPv6 Reverse Shell Payload
|
2021-08-23 14:41:40 -05:00 |
|
Swissky
|
87be30d3b2
|
DB2 Injection + ADCS
|
2021-08-10 23:00:19 +02:00 |
|
Xib3rR4dAr
|
ae98d629f0
|
Update README.md
Removed duplicates.
|
2021-08-04 09:29:24 +05:00 |
|
Swissky
|
1fd9260d1e
|
Update README.md
|
2021-07-31 11:28:23 +02:00 |
|
c14dd49h
|
ee12f8e480
|
Update README.md
|
2021-07-22 16:55:03 +02:00 |
|
c14dd49h
|
eddc716d8c
|
Update README.md
|
2021-07-22 14:47:36 +02:00 |
|
Muhammad Daffa
|
2b6c3cb360
|
Adding Cloudflare XSS payload
|
2021-07-15 12:48:02 +07:00 |
|
PinkDev1
|
21c1690adf
|
Fixed typo on "Tips" section
|
2021-06-16 19:24:17 +00:00 |
|
Swissky
|
62b897c936
|
Merge pull request #376 from noraj/patch-2
XSS: add quick tips for bXSS
|
2021-06-16 13:56:29 +02:00 |
|
Alexandre ZANNI
|
c469236204
|
XSS: add quick tips for bXSS
|
2021-06-16 13:25:46 +02:00 |
|
Alexandre ZANNI
|
8547ac7dfc
|
XSS: remove bluelotus
the project is empty
|
2021-06-16 13:18:08 +02:00 |
|
Swissky
|
08b59f2856
|
AD update CME+DCOM
|
2021-04-21 22:27:07 +02:00 |
|
linoskoczek
|
825295e465
|
Update README.md
Fix broken links in Summary
|
2021-03-18 19:16:59 +00:00 |
|
lapolis_aka_blu
|
6f758ba6c0
|
Added closing bracket in unicode full width bypass
Yeah I know it is logic to use it if you really need the closing tag. But having both brackets in your repo makes it quicker to copy paste :D
|
2021-01-15 16:38:51 +00:00 |
|