Commit Graph

1709 Commits

Author SHA1 Message Date
Swissky
b08600d56d
Merge pull request #526 from nerrorsec/patch-4
Boolean - Extract info (order by)
2022-10-11 11:26:40 +02:00
Swissky
3f3736471e
Merge branch 'master' into patch-4 2022-10-11 11:26:28 +02:00
Swissky
77dc5e3ff1
Merge pull request #566 from pop3ret/master
Merge AWSome Pentesting into Cloud - AWS Pentest
2022-10-11 11:24:21 +02:00
Swissky
ecca4ec5e4
Merge pull request #569 from fabianchoxD/update-.README-file
Update .readme file
2022-10-10 15:06:19 +02:00
pop3ret
0530c19c88
Update Cloud - AWS Pentest.md 2022-10-09 16:03:33 -03:00
pop3ret
4b4a630085
Changed summary and chapters
Changed summary to include the cheatsheet and also changed the format of the cheatsheet to be the same as the original file
2022-10-09 16:01:14 -03:00
Fabian S. Varon Valencia
c82ec3a902 update URL 0dayallday is not working, same article found in blackmarble.sh 2022-10-08 23:32:31 -05:00
Fabian S. Varon Valencia
a07468af9b use web archive to retrieve a readable version of this website - currently unavailable 2022-10-08 23:31:43 -05:00
Fabian S. Varon Valencia
5cdc02282c update 10 password reset flaws URL 2022-10-08 23:30:31 -05:00
Fabian S. Varon Valencia
d214af633c remove post exploitation koadic link (not found) 2022-10-08 22:53:55 -05:00
Fabian S. Varon Valencia
ea86f20472 Add AMSI Bypass and DPAPI links 2022-10-08 22:53:35 -05:00
pop3ret
cabc51e43b
Merge branch 'swisskyrepo:master' into master 2022-10-07 07:56:54 -03:00
Swissky
522b55eec5
Update Cloud - AWS Pentest.md 2022-10-07 10:50:59 +02:00
Swissky
c06dfbec95
Merge pull request #560 from clem9669/master
Update XSS_Polyglots.txt
2022-10-07 00:14:29 +02:00
pop3ret
00189411d4
Merge AWSome Pentesting into Cloud - AWS Pentest
Merge the notes with the existing one
2022-10-06 13:43:09 -03:00
Swissky
347381d6dc
Merge pull request #565 from gdraperi/master
Argument Injection technique
2022-10-06 17:55:58 +02:00
Swissky
ba9eb30940
Fix links 2022-10-06 17:55:16 +02:00
gregory draperi
69c6ee87c6 Argument Injection technique 2022-10-06 16:56:44 +02:00
Swissky
655cec1f1a
Merge pull request #562 from nayeems3c/master
Added 2FA bypass via Force Browsing on Account Takeover branch
2022-10-05 18:46:52 +02:00
Swissky
2c10b28976
Merge pull request #561 from gdraperi/patch-2
Update YAML.md
2022-10-05 14:55:34 +02:00
gdraperi
666a90ffee
Update YAML.md
Updating the actual risks for Python
2022-10-05 13:47:24 +02:00
Nayeem Islam
7e82d93897 Added 2FA bypass via Force Browsing on Account Takeover branch 2022-10-05 17:42:01 +06:00
clem9669
2aa353a5b9
Update XSS_Polyglots.txt
Adding the latest BruteLogic polyglot
2022-10-05 09:45:15 +00:00
Swissky
a766679356
Merge pull request #559 from gdraperi/patch-1
Update README.md
2022-10-05 10:20:58 +02:00
Swissky
643374e1d7
Add reference 2022-10-05 10:20:05 +02:00
gdraperi
2d03a74555
Update README.md
Adding payloads for Citrix and Cisco
2022-10-05 10:06:21 +02:00
Swissky
44d761eb2c
Merge pull request #558 from CyberVarun/master
Added portswigger labs and reference in Command injection
2022-10-05 09:58:40 +02:00
Varun Jagtap
3022c25995
Added portswigger labs and reference 2022-10-05 12:50:10 +05:30
Swissky
c420ed6bf7
Merge pull request #553 from ndsvw/Linkfix
Fixed invalid hyperlink
2022-10-04 11:08:59 +02:00
Swissky
a1c783d8d2
Merge pull request #555 from mschader/patch-8
CVE Exploit: Add trickest CVE repo
2022-10-04 09:42:05 +02:00
Swissky
a5c91d8ed3
Merge pull request #556 from mschader/patch-9
Zip Slip: Add slipit to tools
2022-10-04 09:40:51 +02:00
Swissky
77b0599653
Merge pull request #554 from qligier/master
XXE: Improve the documentation
2022-10-03 18:44:54 +02:00
Markus
950114b9e6
Zip Slip: Add slipit to tools 2022-10-03 18:19:28 +02:00
Markus
f8d04cef3b
CVE Exploit: Add trickest CVE repo 2022-10-03 17:51:39 +02:00
Quentin Ligier
6bbdc85aa2
XXE: Improve the documentation
- Add two references: "OWASP XXE prevention cheat sheet" and "XXE: How to become a Jedi"
- Describe the Parameters Laugh attack
- Expand the WAF bypass method with UTF-7
- Update the summary
2022-10-03 17:14:22 +02:00
Alexander Lübeck
576322d475 Fixed invalid hyperlink 2022-10-02 15:58:16 +02:00
Swissky
bbe4bbce05
Merge pull request #552 from swisskyrepo/hacktober-methodo-rework
Methodology and enumeration rework
2022-10-02 13:14:35 +02:00
Swissky
99a1304af9 Methodology and enumeration rework 2022-10-02 13:13:16 +02:00
Swissky
3f1689b9bc
Merge pull request #551 from swisskyrepo/hacktober-blind-ssti
Blind SSTI Jinja
2022-10-02 12:27:07 +02:00
Swissky
4ed3e3b6b9 Blind SSTI Jinja 2022-10-02 12:24:39 +02:00
Swissky
444d8ad169
Merge pull request #549 from InTruder-Sec/master
Added PortSwigger Labs to the repo
2022-10-02 12:16:08 +02:00
Swissky
6b9f6de7dd
Merge pull request #548 from mschader/patch-7
Java RMI: Add remote-method-guesser to tools
2022-10-02 12:14:51 +02:00
Deep Dhakate
a670a26eea Update 2022-10-02 06:13:01 +00:00
Shahne Rodgers
1659e7c50e Adds more details to the HTTP request smuggling topic
I've tried to give a brief (and certainly not exhaustive) summary of what HTTP request smuggling actually is, HTTP/2 request smuggling attacks and James Kettle's new research on client-side desync attacks.
2022-10-02 16:12:44 +13:00
Markus
bd6a1b759a
Java RMI: Add remote-method-guesser to tools
This also includes slight adjustments to the README.md to adhere to the current contribution example layout
2022-10-01 22:04:49 +02:00
Deep Dhakate
9f0c70d46f update 2022-10-01 19:56:49 +00:00
Swissky
9d1421a6c3
Merge pull request #547 from mschader/patch-6
Api Key Leaks: Add Trivy to tools section
2022-10-01 19:01:47 +02:00
Markus
b7d275d5b0
Api Key Leaks: Add Trivy to tools section 2022-10-01 17:20:51 +02:00
Swissky
72a8556dc9 NodeJS Serialization 2022-09-23 11:21:29 +02:00
Swissky
7a528ccb3f
Merge pull request #545 from noraj/patch-1
Blind NoSQL scripts
2022-09-23 00:38:05 +02:00