Ricardo
604618ed41
Improve Ruby reverse shell
...
Now the reverse shell supports the "cd" command and maintains persistence when an error is raised.
2021-04-02 16:36:58 -04:00
Swissky
d8d26d8fb3
Merge pull request #350 from secnigma/patch-2
...
Added Netcat BusyBox
2021-04-01 14:31:12 +02:00
secnigma
059a866fd2
Added Netcat BusyBox
...
Some embedded systems like BusyBox won't have mkfifo present; instead, they will have mknod. This updated code can spawn a reverse shell on systems that use mknod instead of mkfifo.
2021-04-01 13:27:20 +05:30
Swissky
4f89c0a6d2
Merge pull request #349 from SecGus/master
...
Add .ashx shell
2021-03-30 15:31:53 +02:00
chivato
2c0fff2a7a
Add .ashx shell
2021-03-30 13:56:31 +01:00
Swissky
0443babe35
Relay + MSSQL Read File
2021-03-25 18:25:02 +01:00
Swissky
f6b9d63bf8
DCOM exploitation and MSSQL CLR
2021-03-24 22:26:23 +01:00
Swissky
bd2166027e
GMSA Password + Dart Reverse Shell
2021-03-24 12:44:35 +01:00
Swissky
af9f103655
Merge pull request #346 from linoskoczek/master
...
Fix links in XSS Injection Summary
2021-03-18 21:18:28 +01:00
linoskoczek
825295e465
Update README.md
...
Fix broken links in Summary
2021-03-18 19:16:59 +00:00
Swissky
5a3427cf9b
Merge pull request #345 from Tametomo/patch-1
...
Added additional CSV injection cases patterned after in-the-wild samples
2021-03-17 09:36:25 +01:00
Tametomo
126555e5f9
Update README.md
...
Add additional CSV test cases
2021-03-16 19:17:01 -06:00
Swissky
22a1662f60
Merge pull request #341 from cosmin-bianu/master
...
Fix Java payload (issue #337)
2021-03-12 12:36:19 +01:00
cosmin-bianu
13d54a5c24
Fixed Java payload
...
- Declared variables
- Added semicolons at the end of each line
- Fixed the bash command
2021-03-12 13:20:15 +02:00
Swissky
d61f683dc6
Merge pull request #339 from c14dd49h/patch-2
...
Update Active Directory Attack.md
2021-02-26 16:37:41 +01:00
c14dd49h
ca28c69e67
Update Active Directory Attack.md
2021-02-26 14:14:10 +01:00
Swissky
8d31b7240b
Office Attacks
2021-02-21 20:17:57 +01:00
Swissky
e128964dd9
Merge pull request #338 from mpgn/patch-1
...
Add mimikatz command to protect a process after removing the protection
2021-02-17 12:32:23 +01:00
mpgn
d1c23c5863
Unload the service mimi
2021-02-17 12:21:16 +01:00
mpgn
9be371d793
add mimikatz command to protect a process again after removing the protection
...
fe4e984055/mimikatz/modules/kuhl_m_kernel.c (L99)
2021-02-17 12:15:47 +01:00
Swissky
f6f8ec010a
Merge pull request #336 from valenbg1/patch-1
...
Update Windows - Privilege Escalation.md
2021-02-10 16:36:19 +01:00
Valentín Blanco
73f6ab940c
Update Windows - Privilege Escalation.md
...
Adding WES-NG which is a great and updated replacement for Windows-Exploit-Suggester.
2021-02-10 15:52:41 +01:00
Swissky
1d08a7e12d
Merge pull request #335 from unkn0w/patch-1
...
[typo] changed sshs_config to sshd_config
2021-02-05 14:36:05 +01:00
Jakub 'unknow' Mrugalski
9244fe0480
[typo] changed sshs_config to sshd_config
2021-02-05 12:24:49 +01:00
Swissky
495a1f3ffe
Merge pull request #334 from lanjelot/git-dumper
...
New tool git-dumper.py
2021-02-03 15:41:27 +01:00
lanjelot
34dff949a2
Fix ToC
2021-02-04 00:47:00 +11:00
lanjelot
fd6d7f360e
New tool git-dumper.py
2021-02-03 21:15:55 +11:00
Swissky
6bcd2e8a6a
Update README.md
2021-01-31 21:51:53 +01:00
Swissky
b4d8b5939f
Merge pull request #332 from kazkansouh/master
...
Add a one line postgres file write
2021-01-30 21:59:01 +01:00
Karim Kanso
826130946c
Add a one line postgres file write
2021-01-30 14:17:35 +00:00
Swissky
092083af5c
AD - Printer Bug + Account Lock
2021-01-29 22:10:22 +01:00
Swissky
075721fa9b
Merge pull request #331 from PinkDev1/patch-2
...
Added EoP - $PATH Interception
2021-01-28 22:12:51 +01:00
PinkDev1
93769768e2
Added EoP - $PATH Interception
2021-01-28 19:45:54 +00:00
Swissky
ec856fec21
Merge pull request #330 from JLLeitschuh/patch-2
...
Add XXE via DTD file
2021-01-25 18:02:38 +01:00
Jonathan Leitschuh
92667a12a4
Add XXE via DTD file
2021-01-25 11:50:47 -05:00
Swissky
4c7dd435a6
Merge pull request #329 from PinkDev1/patch-1
...
API Key Leaks: Added commands for testing Mapbox API Tokens
2021-01-25 10:38:58 +01:00
PinkDev1
88aa7c9789
Added commands for testing Mapbox API Tokens
2021-01-25 04:34:40 +00:00
Swissky
2ac947e46d
Merge pull request #327 from ayomawdb/patch-2
...
Add PostgreSQL Check if Current User is Superuser
2021-01-24 18:44:12 +01:00
Swissky
4e17d6c2b3
Update PostgreSQL Injection.md
2021-01-24 18:43:58 +01:00
Swissky
cd6f5493b3
Update PostgreSQL Injection.md
2021-01-24 18:43:28 +01:00
Ayoma Wijethunga
4b8dab523e
Add PostgreSQL Check if Current User is Superuser
2021-01-24 23:09:52 +05:30
Swissky
daebeeadd2
Merge pull request #326 from ayomawdb/patch-1
...
Add Kubernetes Pentest Methodology Part 3
2021-01-20 11:01:42 +01:00
Ayoma Wijethunga
b04579aa30
Add Kubernetes Pentest Methodology Part 3
...
$subject and minor correction of a file path
2021-01-20 09:07:23 +05:30
Swissky
0675573d93
Merge pull request #325 from u0pattern/u0pattern-patch-1
...
SSTI Payload in Jinja2 - Arbitrary file read
2021-01-18 10:08:47 +01:00
ムハンマド
89429f9c4f
SSTI Payload in Jinja2 - Arbitrary file read
2021-01-18 11:48:38 +03:00
Swissky
d4d2ba45c2
Merge pull request #323 from lanjelot/protocol-smuggling
...
Add PortSwigger http-desync reborn article
2021-01-16 19:04:16 +01:00
lanjelot
c5d8f3fc4f
Add PortSwigger http-desync reborn article
2021-01-17 04:23:38 +11:00
Swissky
7b943d46bc
Merge pull request #322 from lapolis/patch-1
...
Added closing bracket in unicode full width bypass
2021-01-15 17:42:13 +01:00
lapolis_aka_blu
6f758ba6c0
Added closing bracket in unicode full width bypass
...
Yeah, I know it is logical to use it if you really need the closing tag. But having both brackets in your repo makes it quicker to copy paste :D
2021-01-15 16:38:51 +00:00
Swissky
01aadf3a44
Alternate Data Stream
2021-01-13 10:22:59 +01:00