brnhrd
15e44bdfe6
Fix table of contents
2020-12-02 14:19:59 +01:00
Swissky
3314f8bd99
Merge pull request #294 from lanjelot/add-s3-objects-check
...
Add tool nccgroup/s3_objects_check
2020-11-29 19:25:07 +01:00
lanjelot
bca107cc64
Move duplicated tool references into one place
2020-11-30 01:38:04 +11:00
lanjelot
10e6c075f7
Add tool nccgroup/s3_objects_check
2020-11-30 01:17:15 +11:00
Swissky
7cd34d4ffa
Merge pull request #293 from cervoise/patch-1
...
Update README.md
2020-11-26 18:45:16 +01:00
Cervoise
e9de4e9d78
Update README.md
...
Add the "?" trick.
2020-11-26 16:43:10 +01:00
Swissky
b918095775
AzureHound
2020-11-24 12:41:34 +01:00
Swissky
13ed9c8628
Merge pull request #292 from paupaulaz/master
...
Puts the H1 reports at the right place
2020-11-22 12:57:27 +01:00
paupaulaz
b7547cc171
Puts the H1 reports at the right place
...
The HackerOne reports mentioned in this doc are referring to Request Smuggling, not CSRF
2020-11-22 10:52:20 +01:00
Swissky
a639121b21
Merge pull request #291 from marcan2020/patch-11
...
Remove unnecessary condition to extract columns
2020-11-18 10:12:53 +01:00
marcan2020
3cf44386da
Remove unnecessary condition to extract columns
...
Since we retrieve only the rows with a specific table name `name ='table_name', the table name won't start with `sqlite_` .
Thus, we can remove the unnecessary condition.
2020-11-17 19:59:11 -05:00
Swissky
8863292545
Merge pull request #290 from bascoe10/patch-1
...
Sorted the list of revshell options
2020-11-14 22:28:53 +01:00
Abass Sesay
95b07c9e3e
Sorted the list of revshell options
...
Miniscule change because it was grinding my grinding my gears that the list is not sorted :-)
2020-11-14 09:20:49 -08:00
Swissky
a60caaefef
Merge pull request #289 from samsbp/master
...
Update ssrf payloads specific to java
2020-11-08 12:47:15 +01:00
PwnL0rd
bde7fc738c
added link in the reference section
2020-11-08 12:00:35 +05:30
security-is-myth
f3066722ee
update SSRF/README.md with java payloads
2020-11-07 22:07:18 +05:30
security-is-myth
08bc3acb05
update SSRF/README.md with java payloads
2020-11-07 22:03:02 +05:30
Swissky
bd184487e5
NTLM Hashcat
2020-11-06 16:20:03 +01:00
Swissky
6a82f47f32
Merge pull request #288 from bolli95/master
...
TWITTER.md added
2020-11-03 12:57:53 +01:00
Swissky
0492545960
Update TWITTER.md
2020-11-03 12:57:33 +01:00
Max Boll
5930efcb80
TWITTER.md added
2020-11-03 11:37:20 +01:00
Swissky
f9e2512080
Merge pull request #287 from beomsu317/master
...
Update SQL-Injection
2020-11-03 10:38:02 +01:00
Swissky
464fbeb8f4
Merge pull request #285 from random-robbie/patch-1
...
Update README.md
2020-10-31 22:47:09 +01:00
Robbie
e8fccb6dd2
Update README.md
...
added 169.254.169.254 decimal
2020-10-31 20:19:27 +00:00
Swissky
7f36bf58a4
Merge pull request #284 from akoul02/patch-1
...
Improved Jade payload
2020-10-31 16:47:10 +01:00
akoul02
ed944a95af
Improved Jade payload
2020-10-31 18:02:29 +03:00
Swissky
1137bfca8d
Remote Desktop Services Shadowing
2020-10-30 21:10:00 +01:00
Swissky
4fe1d71ad8
Merge pull request #283 from d4rkc0nd0r/patch-9
...
Update MySQL Injection.md
2020-10-29 16:44:14 +01:00
Siddharth Reddy
2bdd23dc51
Update MySQL Injection.md
2020-10-29 17:03:22 +05:30
Swissky
c7be142d62
Merge pull request #282 from Gorgamite/patch-3
...
Added winPEAS to windows privilege escalation tool
2020-10-29 12:20:55 +01:00
Gorgamite
f9389d708b
Added winPEAS to windows privilege escalation tool
...
WinPEAS is a really thorough privesc enumeration tool for windows, you can find it here: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS/winPEASexe
It doesn't auto exploit, but it's rather thorough and effective.
2020-10-29 03:57:40 -07:00
Swissky
db533aabd4
Merge pull request #280 from Gorgamite/master
...
Added LinPEAS to Linux Privesc.
2020-10-29 11:56:44 +01:00
Swissky
2746451408
Merge pull request #279 from Gorgamite/patch-1
...
Added more information on kernel exploits
2020-10-29 11:55:25 +01:00
Gorgamite
ff3b45e0b7
Added LinPEAS to Linux Privesc.
...
I very strongly recommend adding LinPEAS to the enumeration tools. LinPEAS is arguably the best linux privesc enumeration tool out there. If you haven't used it, I'd try it out. It highlights all relevant information with color coded text, and you can pass it parameters to control the thoroughness of the scan. You should add WinPEAS for windows privesc as well.
2020-10-29 03:50:05 -07:00
Gorgamite
1b69a3ef73
Update Linux - Privilege Escalation.md
2020-10-29 03:22:08 -07:00
Swissky
9eb84bcfb7
Merge pull request #278 from marcan2020/patch-10
...
Add Springboot Actuator RCE
2020-10-28 18:37:38 +01:00
marcan2020
1535077d9d
Add Springboot Actuator RCE
2020-10-28 12:05:12 -04:00
Swissky
ae3a4d4336
Merge pull request #277 from bolli95/master
...
XSS detection tools added
2020-10-27 15:08:56 +01:00
Max Boll
2a65064d15
little update
2020-10-27 14:10:35 +01:00
Max Boll
8448bbc483
Merge branch 'master' of github.com:bolli95/PayloadsAllTheThings
2020-10-27 13:31:51 +01:00
Max Boll
350c55a1ac
XSS Tools added
2020-10-27 13:31:37 +01:00
Swissky
99f53ae9b4
Merge pull request #276 from clem9669/patch-5
...
Adding marshalsec tool & references
2020-10-26 16:35:02 +01:00
clem9669
f7c837ffdd
Adding marshalsec tool & references
...
Adding marshalsec tool & references
2020-10-26 14:43:16 +00:00
Swissky
c52cfb1200
Merge pull request #275 from c-nagy/master
...
Added a brief overview for type juggling
2020-10-26 14:57:06 +01:00
@cnagy
ec445110d6
Added a brief overview for type juggling
2020-10-25 19:19:44 +00:00
Swissky
fa497c2149
Merge pull request #274 from bolli95/master
...
CORS and CRLF documentation updated
2020-10-25 14:02:02 +01:00
Swissky
9992990e40
Update README.md
2020-10-25 14:01:53 +01:00
Swissky
9e61eb91be
Merge pull request #273 from Gorgamite/master
...
Specifying alternative access method through SSH
2020-10-25 11:50:01 +01:00
Max Boll
91fc542c81
Merge branch 'master' of github.com:bolli95/PayloadsAllTheThings
2020-10-25 11:08:15 +01:00
Max Boll
570213a2f8
CORS and CRLF README.md updated
2020-10-25 11:07:50 +01:00