Thomas Orlita
|
d0bb0f6f5b
|
Update CSP Evaluator blog link
|
2020-05-10 10:32:51 +02:00 |
|
Swissky
|
a436e0fe7e
|
Merge pull request #202 from rezaduty/patch-1
add Self Closing Script
|
2020-05-06 22:16:05 +02:00 |
|
reza.duty
|
eb28e4c28d
|
add Self Closing Script
|
2020-05-06 22:57:55 +04:30 |
|
Swissky
|
a322dc2da9
|
Merge pull request #200 from denandz/master
Added Postgres SQLi information on xml helpers and file read/write
|
2020-05-05 15:14:39 +02:00 |
|
DoI
|
5aad5795d2
|
minor spelling fix
|
2020-05-05 15:15:50 +12:00 |
|
DoI
|
53db029d4e
|
Added additional info to the Postgres SQLi page
|
2020-05-05 15:10:44 +12:00 |
|
Swissky
|
a4b987d46b
|
Merge pull request #198 from joker2a/patch-1
Update Linux - Privilege Escalation.md
|
2020-05-04 12:09:35 +02:00 |
|
joker2a
|
32b83da302
|
Update Linux - Privilege Escalation.md
Add new privesc for (Centos/Redhat)
Writable /etc/sysconfig/network-scripts/
|
2020-05-04 11:44:24 +02:00 |
|
Swissky
|
5c7e67b05d
|
Merge pull request #197 from guanicoe/patch-2
Update Windows - Privilege Escalation.md
|
2020-05-03 23:17:05 +02:00 |
|
guanicoe
|
1fc8b57c85
|
Update Windows - Privilege Escalation.md
added Get-Process to list processes
|
2020-05-03 21:11:01 +00:00 |
|
Swissky
|
5163ef902c
|
XSS Google Scholar Payload + Skeleton Key Persistence
|
2020-05-03 16:28:17 +02:00 |
|
Swissky
|
e9b296adb3
|
DoyenSec Payloads XSS Google Scholar
|
2020-05-02 14:31:33 +02:00 |
|
Swissky
|
da5dc1299e
|
MSSQL Trusted Link
|
2020-05-01 12:06:18 +02:00 |
|
Swissky
|
008cbcf9fc
|
Merge pull request #196 from idealphase/master
Adding Execute code using SSTI for ERB engine in SSTI vulnerability payload
|
2020-04-30 12:30:40 +02:00 |
|
idealphase
|
712e3b93f6
|
Sorting like basic injection part
|
2020-04-30 17:15:31 +07:00 |
|
idealphase
|
7f1fb32980
|
Adding Execute code using SSTI for ERB engine.
|
2020-04-30 17:13:58 +07:00 |
|
Swissky
|
04899355ad
|
Magic Hashes + SQL fuzz
|
2020-04-26 21:43:42 +02:00 |
|
Swissky
|
879ead1558
|
Merge pull request #193 from pascalschulz/patch-1
added Hacksplained's YT channel
|
2020-04-23 13:27:27 +02:00 |
|
Pascal Schulz
|
bdf06d4183
|
added Hacksplained's YT channel
|
2020-04-23 13:11:51 +02:00 |
|
Swissky
|
02ec624732
|
Merge pull request #192 from thibaudrobin/master
Linux privesc - SSH Key Predictable PRNG (Authorized_Keys) Process
|
2020-04-22 16:11:41 +02:00 |
|
Th1b4ud
|
7c8e9ac4ce
|
Typo
|
2020-04-22 16:01:49 +02:00 |
|
Th1b4ud
|
14d03b96a1
|
Linux privesc - SSH Key Predictable PRNG (Authorized_Keys) Process - Summary
|
2020-04-22 16:00:31 +02:00 |
|
Th1b4ud
|
2e507a2b2f
|
Linux privesc - SSH Key Predictable PRNG (Authorized_Keys) Process
|
2020-04-22 15:55:10 +02:00 |
|
Swissky
|
298da2d4e4
|
Merge pull request #191 from drakang4/patch-1
Fix typo
|
2020-04-22 09:59:31 +02:00 |
|
Heeryong Kang
|
c2b8018617
|
fix typo
|
2020-04-22 16:09:18 +09:00 |
|
Swissky
|
bf73393921
|
Merge pull request #188 from bohdansec/master
Update Cloudflare XSS bypasses
|
2020-04-21 23:57:06 +02:00 |
|
bohdansec
|
c4af354d8f
|
Update Cloudflare XSS bypasses
Add 3 bypasses by Bohdan Korzhynskyi. Update twitter
|
2020-04-22 00:51:36 +03:00 |
|
bohdansec
|
2615968e96
|
Merge pull request #1 from swisskyrepo/master
Update
|
2020-04-22 00:12:54 +03:00 |
|
Swissky
|
735b0d2277
|
Merge pull request #187 from thibaudrobin/patch-2
Alternative TTY method with /usr/bin/script
|
2020-04-21 23:12:26 +02:00 |
|
Th1b4ud
|
2740600a6b
|
Alternative TTY method with /usr/bin/script
|
2020-04-21 19:21:51 +02:00 |
|
Swissky
|
eaac0e748e
|
Fix issue #185
|
2020-04-21 11:31:18 +02:00 |
|
Swissky
|
c8c4a6e8a9
|
Fix issue #185
|
2020-04-21 11:26:49 +02:00 |
|
Swissky
|
89f906f7a8
|
Fix issue - C reverse shell
|
2020-04-21 11:17:39 +02:00 |
|
Swissky
|
95fed140ec
|
Fix - SSTI Payloads
|
2020-04-21 11:13:19 +02:00 |
|
Swissky
|
0de5cb7123
|
Merge pull request #186 from Techbrunch/patch-6
Add insomnia to GraphQL list of tools
|
2020-04-21 10:56:59 +02:00 |
|
Techbrunch
|
ade039c1bc
|
Add insomnia to GraphQL list of tools
|
2020-04-21 10:49:47 +02:00 |
|
Swissky
|
1d8414c703
|
ASP.NET Razor SSTI
|
2020-04-18 21:18:22 +02:00 |
|
Swissky
|
af6760ef7a
|
RoadRecon + JSON None refs
|
2020-04-17 16:34:51 +02:00 |
|
Swissky
|
44e676ea70
|
Merge pull request #182 from thibaudrobin/patch-1
Add others shell on reverse shell cheatsheet
|
2020-04-13 19:42:58 +02:00 |
|
Swissky
|
a19fd013fb
|
Merge pull request #181 from SecGus/master
Added RCE SSTI Jinja2 Bypass payload developed by SecGus (chivato)
|
2020-04-13 19:42:14 +02:00 |
|
chiv
|
7e7f5e7628
|
Added SSTI RCE bypass payload for Jinja2
|
2020-04-13 18:48:43 +01:00 |
|
chiv
|
cc3b05017d
|
Added a new RCE payload to Jinja2 SSTI bypasses
|
2020-04-13 18:44:16 +01:00 |
|
Th1b4ud
|
29194a8ef1
|
Add others shell on reverse shell cheatsheet
Add others shell on reverse shell cheatsheet
|
2020-04-13 19:06:01 +02:00 |
|
Swissky
|
bc8dd0b784
|
Merge pull request #180 from mindfuckup/master
Added: Other CORS Misconfigurations
|
2020-04-12 17:51:52 +02:00 |
|
Emanuel Duss
|
54e3887077
|
Added PortSwigger Web Security Academy CORS Link
|
2020-04-12 15:12:34 +02:00 |
|
Emanuel Duss
|
3e5b367224
|
Added CORS Exploit when wildcard origin is allowed
|
2020-04-12 15:06:28 +02:00 |
|
Emanuel Duss
|
f120024c6b
|
Added CORS exploitation with strict trusted origin whitelist using XSS
|
2020-04-12 14:57:04 +02:00 |
|
Emanuel Duss
|
48fcdeb7ca
|
Some clarification in the exploit code
|
2020-04-12 14:38:52 +02:00 |
|
Emanuel Duss
|
4537555714
|
Added: CORS Misconfiguration with Null Origin allowed
|
2020-04-12 14:30:16 +02:00 |
|
Swissky
|
dd42b44011
|
Merge pull request #179 from mindfuckup/master
Added: Cross-Site WebSocket Hijacking (CSWSH)
|
2020-04-11 18:26:22 +02:00 |
|