ch0ic3/PayloadsAllTheThings

mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-12-20 19:36:11 +00:00

Author	SHA1	Message	Date
0xsry0	343d63f79f	Quick fix for WSUS malicious patch Not sure if it is deprecated but by tackling the box Outdated on HTB, the command didn't worked with two `&&`. To concatenate `"net user WSUSDemo Password123! /add ` and `net localgroup administrators WSUSDemo /add\""`, the `^&` is required.	2022-08-24 09:10:55 +02:00
Swissky	fbd7517e04	LFI2RCE - Picture Compression - SOCKS5 CS	2022-08-21 16:38:54 +02:00
Swissky	e7af5aeb84	Merge pull request #532 from wlayzz/patch-2 Update java ssti	2022-08-19 16:25:00 +02:00
Wlayzz	961d935623	Update java ssti fix little inattention	2022-08-19 16:22:39 +02:00
Swissky	b25f461b6e	Merge pull request #531 from wlayzz/patch-1 Update Java SSTI	2022-08-19 15:16:46 +02:00
Wlayzz	8d70f262ae	Update Java SSTI Adding variable expressions alternative for java injection	2022-08-19 15:04:52 +02:00
Swissky	804920be62	Source Code Management	2022-08-18 10:43:01 +02:00
Swissky	abc78a6a67	Merge pull request #528 from denandz/patch-1 Add multipart/form-data CSRF technique	2022-08-17 14:24:34 +02:00
DoI	b3e6220da6	Add multipart/form-data CSRF technique	2022-08-17 09:29:05 +12:00
Swissky	6650c361e7	Capture a network trace with builtin tools	2022-08-15 15:02:29 +02:00
Swissky	55e05b4b17	Merge pull request #527 from natrajms/patch-2 Updating Reference section hyperlinks	2022-08-15 11:40:15 +02:00
Natraj Sangashetty	1bd82af11e	Updating Reference section hyperlinks	2022-08-15 11:15:33 +05:30
nerrorsec	418285b7f6	Boolean - Extract info (order by)	2022-08-13 10:07:54 +05:45
mr.The	f82efffbc7	Boolean error based* instead of just error based	2022-08-12 18:36:43 +03:00
mr.The	0d9a2354e5	Add error-based vector for the sqlite	2022-08-12 18:33:44 +03:00
Swissky	683167d4e9	Merge pull request #521 from mh4ckt3mh4ckt1c4s/ssti-detection Add SSTI detection payload + related resource	2022-08-09 22:09:15 +02:00
Swissky	11271d9072	Jetty RCE	2022-08-09 22:06:55 +02:00
Swissky	fa849c00f2	Jetty RCE + Upload tricks	2022-08-09 22:05:45 +02:00
Swissky	919fee6320	Merge pull request #524 from its0x08/master fix: Fix spelling	2022-08-09 14:05:19 +02:00
its0x08	31b213227e	fix: Fix more spelling	2022-08-09 11:05:40 +02:00
its0x08	fc1f3b25a7	fix: Fix spelling	2022-08-09 11:02:21 +02:00
Swissky	55c9689487	Merge pull request #522 from aelmosalamy/patch-1 Typo fix	2022-08-08 22:08:20 +02:00
Adham Elmosalamy	1b2471265a	Typo fix	2022-08-08 16:08:55 +04:00
mh4ckt3mh4ckt1c4s	9d274a39a4	Add SSTI detection payload + related resource	2022-08-05 20:05:20 +02:00
Swissky	7fe0a0475e	Docker Escape cgroup	2022-08-05 12:26:31 +02:00
Swissky	835d6fffe0	Shadow Credentials	2022-08-05 12:00:41 +02:00
Swissky	52e255cb75	Merge pull request #520 from sebch-/patch-1 Update Active Directory Attack.md	2022-08-03 19:20:11 +02:00
Swissky	fe1fa242ba	Merge pull request #519 from spidyhackx/patch-1 typo	2022-08-03 19:19:40 +02:00
Spidycodes	bb6c9ed172	typo	2022-08-02 21:48:07 +00:00
Seb	310338b279	Update Active Directory Attack.md Find AD	2022-08-02 15:09:23 +02:00
Swissky	e386a110d9	Find DC	2022-07-27 17:23:30 +02:00
Swissky	83c4658ff8	Merge pull request #517 from svewa/master Twig in Wordpress	2022-07-24 13:22:24 +02:00
s. vewa	33d632df4e	Twig in Wordpress Was very unsuccessful with the given Twig examples, quotes were escaped so got invalid, file_excerpt threw an error, too. Include and also injecting the file name helped. Don't know if this is a wordpress thing...	2022-07-24 12:30:09 +02:00
Swissky	820147466a	Merge pull request #516 from jjeyanthan/patch-1 Update OracleSQL Injection.md	2022-07-20 19:31:11 +02:00
Jeyanthan	7ad7ae722d	Update OracleSQL Injection.md missing 'T' in the SELECT in the Oracle blind SQLI section	2022-07-20 13:34:27 +02:00
Vladislav Korchagin	7b79bce819	Update README.md	2022-07-17 18:35:59 +03:00
Swissky	d9921e370b	Merge pull request #511 from buddyeatsbugs/master Update CSWSH payload	2022-06-30 20:37:05 +02:00
somebodyoncetoldme	d0a198ffee	Update README.md	2022-06-30 10:37:41 -07:00
Swissky	fc8fadbb0c	PR Guidelines + User Hunting + HopLa Configuration	2022-06-30 16:33:35 +02:00
fantesykikachu	f6c455d8f9	Windows Python3 Reverse Shell	2022-06-28 06:54:06 +00:00
Swissky	b9e847decb	Merge pull request #510 from MarwanNour/patch-1 Added DirtyPipe to kernel exploits	2022-06-23 17:19:05 +02:00
Marwan Nour	36e417f129	Added DirtyPipe to kernel exploits Fixed some links in the table of contents	2022-06-23 16:55:58 +02:00
Swissky	0f385c31c0	Merge pull request #509 from Sh0ckFR/patch-2 Added Thread Stack Spoofer description	2022-06-22 12:22:33 +02:00
Sh0ckFR	a4e43fb24c	Added Thread Stack Spoofer description	2022-06-22 12:11:49 +02:00
Swissky	7a0b1c77e2	Merge pull request #508 from Sh0ckFR/patch-1 Added Sleep Mask Kit Link	2022-06-21 17:19:10 +02:00
Sh0ckFR	4b07c91e7b	Added Sleep Mask Kit Link	2022-06-21 15:52:30 +02:00
Swissky	55a3239db6	Merge pull request #507 from noraj/patch-1 pivoting: add english version of the article	2022-06-20 22:35:08 +02:00
Alexandre ZANNI	b831175f99	add english version of the article	2022-06-20 20:31:11 +02:00
Swissky	28425b37a3	LFI to RCE via upload (FindFirstFile)	2022-06-19 22:48:46 +02:00
Swissky	3e4b4c09c2	Merge pull request #506 from hahwul/master Update References link in NoSQL Injection	2022-06-17 12:58:18 +02:00

... 4 5 6 7 8 ...

1719 Commits