Swissky
|
5d1b8bca79
|
SAML exploitation + ASREP roasting + Kerbrute
|
2019-03-24 13:16:23 +01:00 |
|
Swissky
|
e9489f0768
|
Linux Priv Esc - minor update
|
2019-03-18 23:19:36 +01:00 |
|
Swissky
|
e5090f2797
|
Bazaar - version control system
|
2019-03-15 23:27:14 +01:00 |
|
Swissky
|
ec61e99334
|
Linux - PrivEsc typo
|
2019-03-08 20:09:01 +01:00 |
|
Swissky
|
b22fd26800
|
Linux PrivEsc - LXD Group
|
2019-03-07 15:27:54 +01:00 |
|
Swissky
|
68df152fd3
|
Linux PrivEsc - Wildcard/NFS/Sudo
|
2019-03-07 15:09:06 +01:00 |
|
Swissky
|
404afd1d71
|
Fix name's capitalization
|
2019-03-07 00:07:55 +01:00 |
|
Swissky
|
21d1fe7eee
|
Fix name - Part 1
|
2019-03-07 00:07:14 +01:00 |
|
Swissky
|
450de2c90f
|
Typo fix
|
2019-03-04 19:40:34 +01:00 |
|
Swissky
|
e36b15a6d7
|
Windows PrivEsc - Table of content update
|
2019-03-03 20:05:27 +01:00 |
|
Swissky
|
ecadcf3d0f
|
Windows PrivEsc - Full rewrite
|
2019-03-03 20:01:25 +01:00 |
|
Swissky
|
2d5b4f2193
|
Meterpreter generate + LaTeK XSS + Ruby Yaml
|
2019-03-03 16:31:17 +01:00 |
|
Swissky
|
6d2cd684fa
|
Web cache deception resources update
|
2019-03-01 17:49:19 +01:00 |
|
Swissky
|
70225232c9
|
Polyglot Command Injection + XSS HTML file
|
2019-02-28 00:36:53 +01:00 |
|
Swissky
|
a58a8113d1
|
Linux capabilities - setuid + read / Docker group privesc
|
2019-02-26 17:24:10 +01:00 |
|
Swissky
|
78c882fb34
|
Jenkins Grrovy + MSSQL UNC + PostgreSQL list files
|
2019-02-17 20:02:16 +01:00 |
|
Swissky
|
f2273f5cce
|
PrivExchange attack
|
2019-02-10 19:51:54 +01:00 |
|
Swissky
|
8c1c35789d
|
SQLmap tamper update
|
2019-02-10 19:07:27 +01:00 |
|
Swissky
|
1c37517bf3
|
.git/index file parsing + fix CSRF payload typo
|
2019-02-07 23:33:47 +01:00 |
|
Swissky
|
b9f2fe367c
|
Bugfix - Errors in stashed changes
|
2019-01-28 20:27:45 +01:00 |
|
ThunderSon
|
99857a714f
|
fead: add powerless repo to the tools
|
2019-01-27 20:13:06 +02:00 |
|
Swissky
|
e07a654080
|
Command injection renamed + sudo/doas privesc
|
2019-01-22 21:45:41 +01:00 |
|
Swissky
|
4db45a263a
|
MSSQL union based + Windows Runas
|
2019-01-20 16:41:46 +01:00 |
|
Swissky
|
3bcd3d1b3c
|
SUID & Capabilities
|
2019-01-13 22:05:39 +01:00 |
|
Swissky
|
2e3aef1a19
|
Shell IPv6 + Sandbox credential
|
2019-01-07 18:15:45 +01:00 |
|
Swissky
|
e480c9358d
|
SQL wildcard '_' + CSV injection reverse shell
|
2018-12-26 01:02:17 +01:00 |
|
Swissky
|
bd97c0be86
|
README update + Typo fix in Active Directory
|
2018-12-25 20:41:43 +01:00 |
|
Swissky
|
d57d59eca7
|
NTLMv2 hash capturing, cracking, replaying
|
2018-12-25 20:35:39 +01:00 |
|
Swissky
|
d5478d1fd6
|
AWS Pacu and sections + Kerberoasting details
|
2018-12-25 19:38:37 +01:00 |
|
Swissky
|
b9efdb52d3
|
Linux - PrivEsc - First draft
|
2018-12-25 15:51:11 +01:00 |
|
Swissky
|
38c3bfbd9f
|
Windows Priv Esc - Unquoted Path, Password looting and Powershell version
|
2018-12-25 15:19:45 +01:00 |
|
Swissky
|
a6475a19d9
|
Adding references sectio
|
2018-12-24 15:02:50 +01:00 |
|
Swissky
|
b4aff1a826
|
Architecture - Files/Intruder/Images and README + template
|
2018-12-23 00:45:45 +01:00 |
|
Swissky
|
69c1d601fa
|
Kerberoasting + SQLmap write SSH key
|
2018-12-15 00:51:33 +01:00 |
|
Swissky
|
928a454531
|
Blind XSS endpoint + SSRF Google + Nmap subdomains
|
2018-11-25 15:44:17 +01:00 |
|
Swissky
|
1225a9a23d
|
Metasploit Cheatsheet
|
2018-11-24 15:32:44 +01:00 |
|
Swissky
|
565b40d177
|
reGeorg + Meterpreter socks + S3 trick name
|
2018-11-24 13:49:08 +01:00 |
|
Swissky
|
1b2ee3e67a
|
Subdomain enumeration - New Aquatone (Go)
|
2018-11-05 13:45:52 +01:00 |
|
Swissky
|
6bcb43e39c
|
LDAP fix typo + LDAP attributes + LFI filter chaining
|
2018-11-02 13:50:56 +01:00 |
|
Swissky
|
f1eefd2722
|
Script Docker RCE
|
2018-10-18 17:32:01 +02:00 |
|
Swissky
|
35d4139373
|
WebCache param miner file + Reverse shell Python TTY
|
2018-10-08 13:49:50 +02:00 |
|
Swissky
|
f0a8b6f8b8
|
Koadic cheatsheet renamed to "Windows - Post Exploitation"
|
2018-10-04 17:39:55 +02:00 |
|
Swissky
|
9ebf2057c5
|
Koadic Cheatsheet + Linux persistence in startup .desktop file
|
2018-10-04 17:35:57 +02:00 |
|
Swissky
|
747f1d172c
|
Reverse shell python for Windows + Lua + Awk
|
2018-10-02 17:17:03 +02:00 |
|
Swissky
|
824d8c370b
|
Bugfix README + Can I take over xyz
|
2018-10-02 16:57:01 +02:00 |
|
Swissky
|
1c5f8889bd
|
Network Discovery and Subdomains enumerations
|
2018-10-02 16:17:16 +02:00 |
|
Swissky
|
7b49f1b13a
|
PHP Serialization - phpggc
|
2018-10-01 12:30:14 +02:00 |
|
Swissky
|
cce0444245
|
SQL injection - Intruders payloads
|
2018-09-21 18:44:32 +02:00 |
|
Swissky
|
7a80647e63
|
Raw MD5 SQL injection + SSH Konami Code
|
2018-09-10 23:12:29 +02:00 |
|
Swissky
|
beb0ce8c54
|
Linux Persistence + WebLogic RCE
|
2018-09-03 18:41:05 +02:00 |
|
Swissky
|
f612a91bb5
|
LFI via Upload (race condition) + Network Pivot nmap
|
2018-08-26 15:43:26 +02:00 |
|
Swissky
|
b87e14a0ed
|
Markdown formatting - Part 2
|
2018-08-13 12:01:13 +02:00 |
|
Swissky
|
65654f81a4
|
Markdown formatting update
|
2018-08-12 23:30:22 +02:00 |
|
Swissky
|
177c12cb79
|
Multiple update in READMEs + RCE tricks
|
2018-08-12 00:17:58 +02:00 |
|
Swissky
|
644724396f
|
LaTeX display code + XSS location alternative
|
2018-08-01 21:19:18 +02:00 |
|
Swissky
|
93f4bbb19e
|
AD BloodHound + AD Relationship + SSRF Digital Ocean
|
2018-07-15 11:06:43 +02:00 |
|
Swissky
|
cdc3adee51
|
PassTheTicket + OpenShare + Tools(CME example)
|
2018-07-08 20:03:40 +02:00 |
|
Swissky
|
76aefd9da2
|
Path traversal refactor + AD cme module msf/empire + IIS web.config
|
2018-07-07 12:04:55 +02:00 |
|
Swissky
|
a7439d812d
|
Windows port forwarding - Netsh
|
2018-06-09 18:56:19 +02:00 |
|
Swissky
|
4ad7c70e89
|
SSRF to XSS + Retail account Windows
|
2018-06-06 00:05:28 +02:00 |
|
Swissky
|
8eb6cb80f9
|
GPP decrypt + SSRF url for cloud providers
|
2018-05-27 22:27:31 +02:00 |
|
Swissky
|
e261836532
|
Windows PrivEsc + SQLi second order + AD DiskShadow
|
2018-05-20 22:10:33 +02:00 |
|
Swissky
|
f1cb7ce50e
|
SQL Cheatsheets - Refactoring part 1
|
2018-05-16 23:33:14 +02:00 |
|
Swissky
|
81eebeaea2
|
AD - Ropnop Tricks
|
2018-05-08 22:11:36 +02:00 |
|
Swissky
|
6a39f25661
|
AD - refactor part 4 (link and src)
|
2018-05-06 19:07:34 +02:00 |
|
Swissky
|
c5bbe88372
|
AD - refactor part3
|
2018-05-05 23:11:17 +02:00 |
|
Swissky
|
1feccf84cb
|
AD refactor - Part 2 : summary
|
2018-05-05 17:41:04 +02:00 |
|
Swissky
|
6869c399d5
|
AD refactoring part1
|
2018-05-05 17:32:19 +02:00 |
|
Swissky
|
2dcffadd46
|
AD - Little fixes and refactor
|
2018-04-28 19:54:32 +02:00 |
|
Swissky
|
cb3b298451
|
Oracle SQL + SQL injection updates (MS SQL/MYSQL/ GENERAL)
|
2018-04-27 23:31:58 +02:00 |
|
Swissky
|
8209d32baf
|
Abstract for methodology
|
2018-04-23 21:22:11 +02:00 |
|
Swissky
|
54661cbd70
|
Bugfix - Tables Token/Brand
|
2018-04-23 20:55:26 +02:00 |
|
Swissky
|
aace268267
|
Payment functionality - International Tests
|
2018-04-23 20:45:54 +02:00 |
|
Swissky
|
02484cee00
|
BUGFIX: API Payment
|
2018-04-23 18:46:09 +02:00 |
|
Swissky
|
9c5eade544
|
Update methodology - Bugfix
|
2018-04-23 18:44:49 +02:00 |
|
Swissky
|
f832022920
|
Drupalgeddon2 update + Payment API in Methodology
|
2018-04-23 18:41:59 +02:00 |
|
Swissky
|
f62d466340
|
Fix Golden Ticket
|
2018-04-15 16:02:27 +02:00 |
|
Swissky
|
b8fbca3347
|
AD Attack - Golden Ticket + SQL/OpenRed/SSRF
|
2018-04-12 23:23:41 +02:00 |
|
Swissky
|
e6b5dfa3de
|
Fix README broken links
|
2018-03-25 23:51:22 +02:00 |
|
Swissky
|
d1f6e8397d
|
Refactoring XSS 0/?
|
2018-03-23 13:53:53 +01:00 |
|
Swissky
|
30019235f8
|
SQLmap tips + Active Directory attacks + SQLite injections
|
2018-03-12 09:17:31 +01:00 |
|
Swissky
|
b87c3fd7ff
|
Traversal Dir + NoSQL major updates + small addons
|
2018-02-15 23:27:42 +01:00 |
|
Swissky
|
3793d91fd4
|
Mimikatz + Credential Windows + XXE update
|
2017-12-06 20:40:29 +01:00 |
|
Swissky
|
2c048f7b52
|
SSRF Ip script + DDL & Execute Windows
|
2017-11-24 09:57:48 +01:00 |
|
Swissky
|
dad26ce5e5
|
More Burp Intruder file - SQLi + Path traversal + XSS
|
2017-08-06 01:12:41 +02:00 |
|