nizam0906
4de5a20376
Fixed Broken Links in Command Injection
2019-12-17 22:29:17 +05:30
Swissky
4588cc2eee
Merge pull request #135 from nizam0906/patch-1
...
Fixed Broken Links in API Key Leaks
2019-12-17 17:39:55 +01:00
nizam0906
03762911a7
Fixed Broken Links in API Key Leaks
2019-12-17 21:59:19 +05:30
Swissky
896e262531
Privilege impersonation and GraphQL SQLi
2019-12-11 16:59:14 +01:00
Swissky
ba9fce83b1
Merge pull request #131 from js-kyle/angularjs
...
clarify AngularJS vs Angular
2019-12-07 12:01:08 +01:00
Kyle Martin
e95b0c34a3
clarify AngularJS vs Angular
2019-12-07 10:54:47 +13:00
Swissky
6f4a28ef66
Slim RCE + CAP list
2019-12-05 23:06:53 +01:00
Swissky
21101ec287
Merge pull request #130 from clem9669/patch-3
...
Bypass XSS filters on alert
2019-12-03 15:40:22 +01:00
clem9669
286f7caaa3
Bypass XSS filters on alert
...
Bypass XSS filters using javascript global variables based on the following article https://www.secjuice.com/bypass-xss-filters-using-javascript-global-variables/ from theMiddle.
2019-12-03 15:24:24 +01:00
Swissky
e92126a16c
Merge pull request #129 from noraj/patch-2
...
SSFR: add ref for docker
2019-12-02 22:38:28 +01:00
Swissky
ac0239d332
Merge pull request #128 from noraj/patch-1
...
XXE: add XXE via SVG rasterization
2019-12-02 22:38:08 +01:00
Swissky
c125b35f98
Merge pull request #127 from trietptm/master
...
Copy this -> Cut this
2019-12-02 10:52:19 +01:00
Minh Triet Pham Tran
f44d014fc2
Copy this -> Cut this
...
Change copy to cut instruction
2019-12-02 12:59:54 +07:00
Swissky
c60f264664
RDP backdoor + RDP session takeover
2019-11-26 23:39:14 +01:00
Swissky
06864b0ff8
Password spraying rewrite + Summary fix
2019-11-25 23:35:20 +01:00
Swissky
3abaa3e23d
Linux AD - Keyring, Keytab, CCACHE
2019-11-25 23:12:06 +01:00
Swissky
886a0b9426
Merge pull request #125 from noraj/patch-3
...
Ruby: add slim
2019-11-16 23:49:11 +01:00
Alexandre ZANNI
6a398ca5c3
Ruby: add slim
2019-11-16 17:29:55 +01:00
Swissky
00684a10cd
IIS asp shell with .asa, .cer, .xamlx
2019-11-16 14:53:42 +01:00
Swissky
639dc9faec
.url file in writeable share
2019-11-14 23:54:57 +01:00
Swissky
3a384c34aa
Password spray + AD summary re-org
2019-11-14 23:37:51 +01:00
Swissky
7f266bfda8
mitm ipv6 + macOS kerberoasting
2019-11-14 23:26:13 +01:00
Swissky
255a8c3660
Merge pull request #124 from yehgdotnet/patch-1
...
Added new payloads from hahwul.com
2019-11-14 14:21:31 +01:00
Myo Soe
eac33e7e10
Added new payloads
...
Added new payloads from https://www.hahwul.com/p/ssrf-open-redirect-cheat-sheet.html
http://google.com\www.whitelisteddomain.tld
http://google.com&www.whitelisteddomain.tld
http:///////////google.com
\\google.com
http://www.whitelisteddomain.tld.google.com
2019-11-14 18:26:35 +08:00
Swissky
6ca8aa8acc
Merge pull request #123 from bash-c/patch-1
...
fix invalid link
2019-11-14 10:25:54 +01:00
M4x
221b353030
fix invalid link
2019-11-14 16:59:52 +08:00
Swissky
43f185d289
CVE-2019-1322 UsoSvc
2019-11-11 20:31:07 +01:00
Swissky
f6d5221a85
SID history break trust + Powershell history + SCF files
2019-11-07 23:21:00 +01:00
Swissky
6fecedd880
MXSS - Mutated XSS - Google POC
2019-11-06 18:32:29 +01:00
Swissky
24516ca7a1
Kubernetes attacks update + ref to securityboulevard
2019-11-05 11:05:59 +01:00
Swissky
60050219b7
Impersonating Office 365 Users on Azure AD Connect
2019-11-04 21:43:44 +01:00
Swissky
4eae23a43d
Merge pull request #122 from noraj/patch-4
...
XXE: tools description + more tools
2019-11-04 09:11:26 +01:00
Swissky
adaa93b4b8
Merge pull request #121 from noraj/patch-3
...
add ref for docker SSRF
2019-11-04 09:10:46 +01:00
Alexandre ZANNI
e3604c01d7
XXE: tools description + more tools
2019-11-04 01:58:15 +01:00
Alexandre ZANNI
54c94e0398
add ref for docker SSRF
2019-11-03 23:50:58 +01:00
Alexandre ZANNI
64f8f4d869
add ref for docker SSRF
2019-11-03 23:49:36 +01:00
Swissky
3585b1f00f
Merge pull request #120 from cydave/patch-1
...
Fix awk snippet
2019-11-03 17:54:52 +01:00
Dave
775d10c256
Fix awk snippet
...
A small typo in the awk one-liner prevents successful execution of the command.
```
awk: cmd. line:1: warning: remote host and port information (10.0.0.1>, 4242) invalid: Name or service not known
awk: cmd. line:1: fatal: can't open two way pipe `/inet/tcp/0/10.0.0.1>/4242' for input/output (No such file or directory)
```
This commit fixes this :)
2019-11-03 16:07:16 +00:00
Alexandre ZANNI
83f46a22e3
add XXE via SVG rasterization
2019-11-02 00:54:48 +01:00
Swissky
952b3c0369
Merge pull request #119 from Hi15358/master
...
Updated Insecure Deserialization/Java.md and Created Zip Slip in Upload Insecure Files
2019-10-30 09:05:22 +01:00
Hi15358
83569c6142
Update and rename ReadMe.txt to README.md
2019-10-30 12:07:50 +08:00
Hi15358
5fec4f7c21
Update Java.md
2019-10-30 11:36:09 +08:00
Hi15358
5f31044ae3
Create ReadMe.txt
2019-10-30 11:24:56 +08:00
Hi15358
bd121bfccb
Delete Readme
2019-10-30 11:24:35 +08:00
Hi15358
b36e5262bd
Create Readme
2019-10-30 11:19:52 +08:00
Hi15358
757e1c107e
Merge pull request #2 from swisskyrepo/master
...
Update
2019-10-30 11:18:36 +08:00
Swissky
069463fe14
Merge pull request #117 from Reelix/patch-1
...
Added an alternate possible Found condition to POST
2019-10-29 21:06:35 +01:00
Swissky
535ad5baaa
Merge pull request #118 from cydave/cydave-patch-1
...
Fix lua reverse shell quote issue
2019-10-29 21:06:07 +01:00
Dave
6b22d53257
Fix lua reverse shell quote issue
...
The single quotes around `io.popen` prevented the one-liner to be executed.
This change should fix that :)
2019-10-29 19:31:07 +00:00
Reelix
694e9e4dbd
Added an alternate possible Found condition to POST
2019-10-29 21:11:56 +02:00