Commit Graph

1127 Commits

Author SHA1 Message Date
Milan Veljkovic
59d0020c86
Update README.md 2018-11-19 12:45:01 +01:00
Swissky
a0f8e846fa Blind XSS - XSS Hunter, Sleepy Puppy etc 2018-11-18 15:37:01 +01:00
Swissky
fd99da6c06 Insecure source code - harvesting secrets 2018-11-18 14:12:05 +01:00
Swissky
5c1d025b03 README - CVE update 2018-11-18 13:40:47 +01:00
Swissky
7096b813ec Insecure direct object references - IDOR 2018-11-17 17:08:46 +01:00
Swissky
182db99e13 Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings 2018-11-17 14:41:40 +01:00
Swissky
3522d9a674 Files JPEG -> JPG + Tag v2 2018-11-17 14:40:12 +01:00
Swissky
133518a78b
Merge pull request #28 from om3rcitak/patch-1
add new attack patterns from Daniel miessler
2018-11-16 13:49:35 +01:00
omer citak
081df9b24d
add new attack patterns from Daniel miessler
https://github.com/danielmiessler/SecLists/edit/master/Fuzzing/Polyglots/XSS-Polyglots.txt
new attack patterns: line 1, 2, 3.
2018-11-16 14:45:51 +03:00
Swissky
af9abc6592 More CVE - RCE : Jenkins, JBoss, WebLogic, WebSphere 2018-11-15 23:13:08 +01:00
Swissky
15fe34052b Ruby Deserialization 2018-11-13 23:38:40 +01:00
Swissky
d181ff4e79 Deserialization - merging Java, PHP 2018-11-13 23:25:18 +01:00
Swissky
ddfdc51e68 Credit fix - WAF bypass 2018-11-09 12:43:30 +01:00
Swissky
1b2ee3e67a Subdomain enumeration - New Aquatone (Go) 2018-11-05 13:45:52 +01:00
Swissky
6bcb43e39c LDAP fix typo + LDAP attributes + LFI filter chaining 2018-11-02 13:50:56 +01:00
Swissky
86db6b7f6f Polyglot XSS from @filedescriptor's Polyglot Challenge 2018-10-31 23:41:11 +01:00
Swissky
4b7fe437a5 LDAP userPassword attribute 2018-10-31 22:34:10 +01:00
Swissky
add00c7357 JWT JSON Web Token + SSI files 2018-10-29 22:22:10 +01:00
Swissky
7b919e4492 AWS cp files and grant access with ACL 2018-10-20 17:03:13 +02:00
Swissky
f1eefd2722 Script Docker RCE 2018-10-18 17:32:01 +02:00
Swissky
f8019e2234
Merge pull request #27 from timwis/patch-1
Remove gender-specific pronoun for attacker
2018-10-11 09:09:42 +02:00
Tim Wisniewski
4f6841ed17
Remove gender-specific pronoun for attacker
Wouldn't want anyone to think they can't grow up to be an attacker too! :)
2018-10-10 23:54:18 -04:00
Swissky
ea1c3a7ccb
Merge pull request #26 from Techbrunch/patch-1
Add Rancher Metadata Service
2018-10-08 23:02:35 +02:00
Techbrunch
78103d13a1
Add Rancher Metadata Service 2018-10-08 21:46:57 +02:00
Swissky
35d4139373 WebCache param miner file + Reverse shell Python TTY 2018-10-08 13:49:50 +02:00
Swissky
869b29195b SQLmap --crawl, --form 2018-10-04 19:59:11 +02:00
Swissky
f0a8b6f8b8 Koadic cheatsheet renamed to "Windows - Post Exploitation" 2018-10-04 17:39:55 +02:00
Swissky
9ebf2057c5 Koadic Cheatsheet + Linux persistence in startup .desktop file 2018-10-04 17:35:57 +02:00
Swissky
747f1d172c Reverse shell python for Windows + Lua + Awk 2018-10-02 17:17:03 +02:00
Swissky
824d8c370b Bugfix README + Can I take over xyz 2018-10-02 16:57:01 +02:00
Swissky
1c5f8889bd Network Discovery and Subdomains enumerations 2018-10-02 16:17:16 +02:00
Swissky
b315252c89 LFI - Intruder files (Windows,Linux,Logs...) 2018-10-01 17:11:51 +02:00
Swissky
a3975ab261 SQLmap TOR + Cookie + Proxy 2018-10-01 16:03:07 +02:00
Swissky
7b49f1b13a PHP Serialization - phpggc 2018-10-01 12:30:14 +02:00
Swissky
6ca5ff1703
PHP Serialization Auth Bypass - Merge pull request #25 from noraj/patch-2
add auth bypass
2018-09-26 18:04:08 +02:00
Alexandre ZANNI
3cf806c8ff
2nd unserialize payload 2018-09-26 00:13:19 +02:00
Alexandre ZANNI
d49e40b1b2
add auth bypass 2018-09-25 23:59:29 +02:00
Swissky
1a1a48c725 Web Cache Deception details from SI9INT's blogpost 2018-09-23 20:07:19 +02:00
Swissky
8bef006d7f
MSSQL Comments - Merge pull request #24 from Margular/patch-1
add comments
2018-09-22 23:12:23 +02:00
时雨
20c1e5c075
add comments 2018-09-23 02:30:03 +08:00
Swissky
cce0444245 SQL injection - Intruders payloads 2018-09-21 18:44:32 +02:00
Swissky
699d66d701
Merge pull request #23 from noraj/patch-1
routed injection in ToC
2018-09-21 18:42:32 +02:00
Alexandre ZANNI
a1eb693270
routed injection in ToC 2018-09-20 23:52:07 +02:00
Swissky
7a80647e63 Raw MD5 SQL injection + SSH Konami Code 2018-09-10 23:12:29 +02:00
Swissky
2a080f82e6 Cassandra SQL + XSS MD + PHP Type Juggling 2018-09-10 20:40:43 +02:00
Swissky
90f4c3634e PDF JS 2018-09-06 20:28:30 +02:00
Swissky
beb0ce8c54 Linux Persistence + WebLogic RCE 2018-09-03 18:41:05 +02:00
Swissky
011baa7321
Merge pull request #22 from cclauss/patch-1
Use octal numbers that work in both Python 2 and 3
2018-09-02 15:57:48 +02:00
cclauss
d642980f8c
Use octal numbers that work in both Python 2 and 3
python2 -c "print(0777 << 16L == 0o777 << 16)"  # True
2018-09-02 14:09:55 +02:00
Swissky
d847e2e6bb
Merge pull request #21 from cclauss/patch-1
import string in uploadlfi.py
2018-09-02 13:54:45 +02:00