Commit Graph

1739 Commits

Author SHA1 Message Date
m3dsec
8156f495fb
Add Kerberos CVE-2022-33679 (RC4 Is Still Considered Harmful) 2023-04-30 21:45:33 +01:00
Swissky
55df53105e
Merge pull request #639 from TomWilford/master
Added Twig 'passthru' filter exploits
2023-04-28 16:24:20 +02:00
Tom Wilford
c1dc141e13
Added 'passthru' filter exploits 2023-04-28 14:47:59 +01:00
Swissky
1e66a42bba
Merge pull request #638 from ZkClown/master
Add some stuff on Office exec, Network Recon and Active Directory methodo
2023-04-20 21:31:23 +02:00
ZkClown
0f4d747913 Add injection into AD through ldap signing not required and ldap channel binding disabled 2023-04-20 15:38:26 +02:00
ZkClown
8b543c80aa Add network scan with pure bash 2023-04-20 15:21:48 +02:00
ZkClown
2a4ce78080 Add Office execute WinAPI via VBA 2023-04-20 15:00:33 +02:00
Swissky
b0445a7250
Merge pull request #637 from ZkClown/master
Add Powerhsell Reflection through Delegate Type and Basic HTML Smuggling
2023-04-19 21:51:04 +02:00
ZkClown
47df1695a1 Add Powerhsell Reflection through Delegate Type and Basic HTML Smuggling 2023-04-19 17:59:10 +02:00
Swissky
e717839fda
Merge pull request #635 from MatteoPaier/fix-param-pollution-golang
Fixed Golang net/http param pollution outcome
2023-04-14 17:48:01 +02:00
Swissky
6861c46fcd MySQL MSSQL Oracle SQL Update 2023-04-14 17:45:45 +02:00
Matteo Paier
c3f5da6014 Fixed Golang net/http param pollution outcome 2023-04-14 14:41:35 +02:00
Swissky
25d2be529f BadSecrets Tool 2023-04-12 13:12:33 +02:00
Swissky
ff6c22b86e
Merge pull request #634 from mpgn/master
Fix path with sessionS with an S for php
2023-04-12 11:27:26 +02:00
mpgn
3c7c863233
Fix path with sessionS with an S for php 2023-04-11 17:08:57 +02:00
Swissky
14c6c9642d
Merge pull request #633 from harunoz/patch-1
Update README.md
2023-04-09 18:41:00 +02:00
Harun
87e78b4c4b
Update README.md
Added Node.js
2023-04-09 12:35:43 -04:00
Swissky
86cc53244d LOL Drivers 2023-04-07 09:22:07 +02:00
Swissky
30d17b4924 Fix markdown typo ESC1-9 2023-04-05 12:47:47 +02:00
Swissky
0a70636d28 ETW Providers 2023-04-03 10:48:53 +02:00
Swissky
d040c0e677 Web Cache Deception Methodology 2023-03-28 21:53:53 +02:00
Swissky
fddd094ee1 LFI iconv and dechunk + ETW + NTDS Dump Rework 2023-03-27 22:38:25 +02:00
Swissky
dd0c23f9a2 ImageMagick Typo 2023-03-19 22:46:56 +01:00
Swissky
723b3213b2 Windows Information Protection 2023-03-18 19:55:43 +01:00
Swissky
579207aa8f JWT jku and jwks - manual exploitation 2023-03-12 18:02:29 +01:00
Swissky
d5729888c3 S4U Extension 2023-03-11 17:53:16 +01:00
Swissky
b88457367b Active Directory Integrated DNS 2023-03-11 11:52:52 +01:00
Swissky
5e8737485b Fix responsive - rollback - FF was glitching 2023-03-11 00:11:27 +01:00
Swissky
648f4ad2ca Fix responsive icons 2023-03-10 23:45:27 +01:00
Swissky
084efe8a6b Fix responsive display on PATT Web 2023-03-10 23:20:39 +01:00
Swissky
f379b60ef1 Web Theme + Credential Guard + PPL 2023-03-10 22:14:22 +01:00
Swissky
e43f1527c0 JWT rework 0.2: jwks + kid + cve 2023-03-07 11:39:39 +01:00
Swissky
2a3d175620 GraphQL and JWT rework v0.1 2023-03-05 12:05:43 +01:00
Swissky
776b2bd934
Merge pull request #629 from maxence-Doyensec/file-upload-uwsgi
add uwsgi configuration file to Upload Insecure File
2023-03-01 15:13:07 +01:00
Maxence Schmitt
5f8b3f8a14 add uwsgi configuration file to Upload Insecure File 2023-03-01 14:49:31 +01:00
Swissky
7ef9babc9f
Merge pull request #627 from noraj/patch-1
add "GraphQL for Pentesters" ref
2023-02-26 14:14:56 +01:00
Alexandre ZANNI
9bdfa7f8c7
add "GraphQL for Pentesters" ref 2023-02-25 23:09:47 +01:00
Swissky
ecc241d17e
Merge pull request #626 from mschader/patch-10
Web Sockets: Update README.md
2023-02-24 18:08:28 +01:00
Markus
d57dcabf46
Web Sockets: Update README.md
Update outdated link to blog post and add Hacktricks as reference
2023-02-24 10:37:52 +01:00
Swissky
c9d0878817 Kerberos Tickets Dump, Convert, Replay 2023-02-21 23:21:22 +01:00
Swissky
2a65b59c01 RODC + PAM Trusts 2023-02-20 18:44:44 +01:00
Swissky
a38701a7e2 MOTD + SpEL injection 2023-02-20 17:21:43 +01:00
Swissky
d3ccbb5370
Merge pull request #610 from somebodyoncetoldme207/patch-1
Typo corrections in PostgreSQL Injection.md
2023-02-18 22:23:52 +01:00
Swissky
cedf4aa9f6 Office Default Passwords + SMBExec 2023-02-17 12:01:52 +01:00
Swissky
8442b304c9 SMBExec + Refresh & Access Token Azure 2023-02-15 17:03:49 +01:00
Swissky
411f2455a9 Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings 2023-02-15 12:34:26 +01:00
Swissky
ae46ac0338 WMIExec + SharpSCCM 2023-02-15 12:33:20 +01:00
Swissky
73996ea52a
Merge pull request #624 from Techbrunch/patch-13
Update sponsor link
2023-02-14 15:15:04 +01:00
Swissky
36e135776f AD Groups + PowerShell Defenses 2023-02-14 15:13:41 +01:00
Techbrunch
da42d27a3c
Update sponsor link
Thanks for the link ❤️
2023-02-14 14:26:49 +01:00