Commit Graph

1705 Commits

Author SHA1 Message Date
Maxence Schmitt
5f8b3f8a14 add uwsgi configuration file to Upload Insecure File 2023-03-01 14:49:31 +01:00
Swissky
7ef9babc9f
Merge pull request #627 from noraj/patch-1
add "GraphQL for Pentesters" ref
2023-02-26 14:14:56 +01:00
Alexandre ZANNI
9bdfa7f8c7
add "GraphQL for Pentesters" ref 2023-02-25 23:09:47 +01:00
Swissky
ecc241d17e
Merge pull request #626 from mschader/patch-10
Web Sockets: Update README.md
2023-02-24 18:08:28 +01:00
Markus
d57dcabf46
Web Sockets: Update README.md
Update outdated link to blog post and add Hacktricks as reference
2023-02-24 10:37:52 +01:00
Swissky
c9d0878817 Kerberos Tickets Dump, Convert, Replay 2023-02-21 23:21:22 +01:00
Swissky
2a65b59c01 RODC + PAM Trusts 2023-02-20 18:44:44 +01:00
Swissky
a38701a7e2 MOTD + SpEL injection 2023-02-20 17:21:43 +01:00
Swissky
d3ccbb5370
Merge pull request #610 from somebodyoncetoldme207/patch-1
Typo corrections in PostgreSQL Injection.md
2023-02-18 22:23:52 +01:00
Swissky
cedf4aa9f6 Office Default Passwords + SMBExec 2023-02-17 12:01:52 +01:00
Swissky
8442b304c9 SMBExec + Refresh & Access Token Azure 2023-02-15 17:03:49 +01:00
Swissky
411f2455a9 Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings 2023-02-15 12:34:26 +01:00
Swissky
ae46ac0338 WMIExec + SharpSCCM 2023-02-15 12:33:20 +01:00
Swissky
73996ea52a
Merge pull request #624 from Techbrunch/patch-13
Update sponsor link
2023-02-14 15:15:04 +01:00
Swissky
36e135776f AD Groups + PowerShell Defenses 2023-02-14 15:13:41 +01:00
Techbrunch
da42d27a3c
Update sponsor link
Thanks for the link ❤️
2023-02-14 14:26:49 +01:00
Swissky
f1a85f22b9 Windows Defenses 2023-02-12 18:17:09 +01:00
Swissky
5cd5de6803 Workflow cleanup 2023-02-11 20:32:36 +01:00
Swissky
9a511046ae GPO update timing 2023-02-11 20:29:32 +01:00
Swissky
c08949fdc2 Github Pages Trigger 2023-02-11 20:22:28 +01:00
Swissky
2089c5efb1 Github Pages 2023-02-11 20:11:33 +01:00
Swissky
14cc88371d WSL + RDP Passwords + MSPaint Escape 2023-02-11 17:49:55 +01:00
Swissky
ccae5a6e09 Credentials Rework 2023-02-11 12:07:25 +01:00
Swissky
8c88590d7c
Merge pull request #621 from SSKale1/master
Add AWSGoat and Azure Training, AzureGoat
2023-02-01 09:54:34 +01:00
Shantanu Kale
b03250a4f6 Add Training, AzureGoat 2023-02-01 09:48:26 +05:30
Shantanu Kale
ce40e39dcc Add AWSGoat 2023-02-01 09:46:13 +05:30
Swissky
4451d4919a
Merge pull request #620 from noraj/patch-1
SSTI: add some jinja2 examples
2023-01-28 16:31:51 +01:00
Alexandre ZANNI
89782643c9
SSTI: add some jinja2 examples 2023-01-28 15:29:54 +01:00
Swissky
d0067e13d5
Merge pull request #619 from CravateRouge/patch-2
Add PrintNightmare exploit using WebDAV
2023-01-24 09:53:54 +01:00
CravateRouge
a8bef1873a
Add PrintNightmare exploit using WebDAV 2023-01-23 17:06:05 +01:00
Swissky
b75913ca8f
Merge pull request #616 from noraj/patch-1
add XXE in Java
2023-01-19 17:14:19 +01:00
Swissky
d23794be0f
Merge pull request #617 from CravateRouge/patch-1
Add SSL MITM using OpenSSL
2023-01-19 17:13:44 +01:00
CravateRouge
230f8c3688
Add SSL MITM using OpenSSL 2023-01-19 16:33:11 +01:00
Alexandre ZANNI
563a1b2a1d
add XXE in Java 2023-01-19 10:23:56 +01:00
Swissky
99ff1f94b3
Merge pull request #615 from noraj/patch-url
[chore] fix rawsec url
2023-01-12 09:57:27 +01:00
Alexandre ZANNI
442d253936
fix rawsec url 2023-01-11 23:19:26 +01:00
Swissky
1a9bfdd86f
Merge pull request #614 from Darktortue/patch-zerologon
Added zerologon authentication relay technique
2023-01-10 21:11:43 +01:00
Darktortue
8caba394d5
Added zerologon authentication relay technique 2023-01-10 11:23:45 +01:00
Swissky
b27ba26af9
Merge pull request #609 from m3dsec/patch-1
Update bloodyAD.py when enabling DONT_REQ_PREAUTH for ASREPRoast attack.
2023-01-10 11:06:07 +01:00
Swissky
8e0ce56e5d
Merge pull request #613 from JeremyLARDENOIS/fix-docker-metasploit-install
fix: remove docker metasploit installation
2023-01-10 11:05:09 +01:00
Jérémy LARDENOIS
3a97ad3f41
fix: remove docker metasploit installation 2023-01-10 08:51:28 +01:00
Swissky
d4742a9688 SOCKS Compatibility Table + CORS 2023-01-05 01:50:11 +01:00
Swissky
095024f960
Merge pull request #611 from DotDotSlashRepo/master
Updated Account takeover due to unicode normalization issue
2023-01-04 17:21:55 +01:00
DotDotSlash
418ff228d0
Formatting changes
Formatting changes to Account takeover due to unicode normalization issue
2023-01-04 21:06:36 +05:30
DotDotSlash
b7df4cb6e8
Updated unicode normalization issue
Added helpful tools to 'Account takeover due to unicode normalization issue'
2023-01-04 21:03:20 +05:30
somebodyoncetoldme
aa8950a273
Update PostgreSQL Injection.md
Switch "column_name" to "table_name".
2023-01-03 21:02:57 -08:00
m3dsec
834c6bca20
Update bloodyAD.py when enabling DONT_REQ_PREAUTH for ASREPRoast attack. 2023-01-01 14:24:57 +01:00
Swissky
5190829ab4 RustHound Examples 2022-12-30 11:01:31 +01:00
Swissky
ec7c363aba
Merge pull request #592 from oddrabbit/patch-1
Added in Spring Framework SSTI Detection & Exploitation
2022-12-28 10:55:13 +01:00
Swissky
996c83bb4b
Update README.md 2022-12-28 10:54:48 +01:00