Swissky
|
8dffb59ac5
|
Pspy + Silver Ticket + MSSQL connect
|
2019-08-18 22:24:48 +02:00 |
|
Swissky
|
4a176615fe
|
CORS Misconfiguration
|
2019-08-18 12:08:51 +02:00 |
|
Swissky
|
b6697d8595
|
SSRF SVG + Windows Token getsystem
|
2019-08-15 18:21:06 +02:00 |
|
Swissky
|
9a8b2fee8e
|
Merge pull request #83 from noraj/patch-3
add XXE ftp tool
|
2019-08-06 18:06:38 +02:00 |
|
Alexandre ZANNI
|
66c9d945b7
|
Update README.md
|
2019-08-06 17:28:47 +02:00 |
|
Swissky
|
bd449e9cea
|
XSS PostMessage
|
2019-08-03 23:22:14 +02:00 |
|
Swissky
|
9b96c7692f
|
XSS onpointer*
|
2019-08-01 14:39:15 +02:00 |
|
Swissky
|
a331d87ffe
|
Better sponsoring method
|
2019-07-27 13:13:10 +02:00 |
|
Swissky
|
6baa446144
|
Directory Traversal CVE 2018 Spring
|
2019-07-27 13:02:16 +02:00 |
|
Swissky
|
98124178db
|
EoP - Juicy Potato
|
2019-07-26 15:29:34 +02:00 |
|
Swissky
|
657823a353
|
PTH Mitigation + Linux Smart Enumeration
|
2019-07-26 14:24:58 +02:00 |
|
Swissky
|
f6c0f226af
|
PXE boot attack
|
2019-07-25 14:08:32 +02:00 |
|
Swissky
|
859695e2be
|
Update PrivExchange based on chryzsh blog post
|
2019-07-24 14:10:58 +02:00 |
|
Swissky
|
a14b3af934
|
Active Directory - Resource Based Constrained Delegation
|
2019-07-22 21:45:50 +02:00 |
|
Swissky
|
0b9d76eb8e
|
HQL references
|
2019-07-19 19:34:23 +02:00 |
|
Swissky
|
45af613fd9
|
Active Directory - Unconstrained delegation
|
2019-07-17 23:17:35 +02:00 |
|
Swissky
|
3cce80cd53
|
Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings
|
2019-07-14 14:24:00 +02:00 |
|
Swissky
|
382bd9acec
|
Type Juggling - Another SHA 256
|
2019-07-14 14:23:20 +02:00 |
|
Swissky
|
ca331acba8
|
Merge pull request #79 from LewisArdern/patch-1
adding reference to blog
|
2019-07-13 00:11:10 +02:00 |
|
Lewis
|
dab064a583
|
adding reference to blog
|
2019-07-12 12:49:02 -07:00 |
|
Swissky
|
504caa3b50
|
SSTI by calling Popen without guessing the offset
|
2019-07-10 21:31:44 +02:00 |
|
Swissky
|
bdef021a6d
|
Magic Hashes SHA224 and SHA256
|
2019-07-10 21:26:24 +02:00 |
|
Swissky
|
05054af343
|
JWT RS256 to HS256 using pubkey to generate a signature
|
2019-07-10 20:58:50 +02:00 |
|
Swissky
|
6cecb8fa7a
|
GraphQL - Projection + Edges/Nodes
|
2019-07-05 21:34:04 +02:00 |
|
Swissky
|
f6564869f0
|
Fix typo in PHP Object injection
|
2019-07-05 18:42:42 +02:00 |
|
Swissky
|
13ba72f124
|
GraphQL + RDP Bruteforce + PostgreSQL RCE
|
2019-07-01 23:29:29 +02:00 |
|
Swissky
|
46780de750
|
PostgreSQL rewrite + LFI SSH
|
2019-06-29 19:23:34 +02:00 |
|
Swissky
|
144b3827ab
|
MS14-068 + /etc/security/opasswd
|
2019-06-29 17:55:13 +02:00 |
|
Swissky
|
3b85f1b6fc
|
UTF-8 encoding for File Inclusion
|
2019-06-29 11:20:17 +02:00 |
|
Swissky
|
b148a9c906
|
Merge pull request #76 from ElonSalfati/master
Added 2 working sql injection lines
|
2019-06-28 17:30:12 +02:00 |
|
Elon Salfati
|
a4411ae086
|
Added 2 working sql injection lines
|
2019-06-28 18:16:45 +03:00 |
|
Swissky
|
7dda79bfc1
|
ImageMagik Ghost Script + Typo git summary
|
2019-06-26 00:07:06 +02:00 |
|
Swissky
|
1cec6e9a35
|
Merge pull request #75 from scarvell/master
Added Freemarker SSTI PoC that doesn't require the use of "tags"/spaces
|
2019-06-24 14:32:11 +02:00 |
|
Brendan Scarvell
|
601db0e188
|
Added freemarker PoC that doesn't require spaces or tags
|
2019-06-24 21:38:56 +10:00 |
|
Swissky
|
9be62677b6
|
Add root user + PHP null byte version
|
2019-06-24 00:21:39 +02:00 |
|
Swissky
|
c3f96c6753
|
GraphQL injection : blind nosqli + sqli
|
2019-06-21 17:01:43 +02:00 |
|
Swissky
|
9745e67465
|
HQL Injection + references update
|
2019-06-16 23:45:52 +02:00 |
|
Swissky
|
6921cde15c
|
Merge pull request #73 from ahhh/patch-1
Update Windows - Privilege Escalation.md
|
2019-06-12 00:14:08 +02:00 |
|
Dan Borges
|
24a05c7098
|
Update Windows - Privilege Escalation.md
|
2019-06-11 11:51:09 -07:00 |
|
Swissky
|
8cec2e0ca3
|
Linux PrivEsc - Writable files
|
2019-06-10 11:09:02 +02:00 |
|
Swissky
|
94a60b43d6
|
Writable /etc/sudoers + Meterpreter autoroute
|
2019-06-10 11:00:54 +02:00 |
|
Swissky
|
a85fa5af28
|
Local File Include : rce via mail + kadimus
|
2019-06-10 00:05:47 +02:00 |
|
Swissky
|
5d4f65720a
|
PrivEsc - Common Exploits
|
2019-06-09 20:53:41 +02:00 |
|
Swissky
|
e8cd11f88f
|
plink + sshuttle : Network Pivoting Techniques
|
2019-06-09 18:13:15 +02:00 |
|
Swissky
|
adcea1a913
|
Linux PrivEsc + SSH persistency
|
2019-06-09 16:05:44 +02:00 |
|
Swissky
|
f5a8a6b62f
|
Meterpreter shell
|
2019-06-09 14:26:14 +02:00 |
|
Swissky
|
93f6c03b54
|
GraphQL + LXD/etc/passwd PrivEsc + Win firewall
|
2019-06-09 13:46:40 +02:00 |
|
Swissky
|
00f50c5f32
|
Merge pull request #72 from h1-ragnar/patch-1
Cloudflare XSS Bypasses by Bohdan Korzhynskyi
|
2019-06-06 19:03:17 +02:00 |
|
h1-ragnar
|
edcac293a8
|
Cloudflare XSS Bypasses by Bohdan Korzhynskyi
|
2019-06-05 21:36:41 +03:00 |
|
Swissky
|
b031115588
|
Merge pull request #71 from jonasw234/master
Add nginx log files for LFI log poisoning
|
2019-05-30 12:33:24 +02:00 |
|