Commit Graph

1894 Commits

Author SHA1 Message Date
Swissky
e86f221fe8 Fix typo in MSI installer 2023-10-11 21:05:54 +02:00
Swissky
5556f6ff79 MSI Installer - PrivEsc 2023-10-11 21:03:47 +02:00
Swissky
7f1823efbe Fix character matching for '>' and its URL entity encoding from @CaoZnZZ 2023-10-10 13:56:57 +02:00
Swissky
dd7525dc8f
Merge pull request #630 from mtausig/patch-2
Add documentation for PDF JS PoC
2023-10-10 12:57:44 +02:00
Swissky
a95f11b32e
Merge pull request #662 from Vunnm/master-1
Add JSON simple with form
2023-10-10 12:10:59 +02:00
Swissky
103f41898b
Merge pull request #663 from cfpadok/develop
feat: add cognito-scanner tool for AWS pentest
2023-10-09 23:19:43 +02:00
Swissky
12e56724f1
Merge pull request #678 from aadi1011/master
Added Clickjacking Technique
2023-10-09 21:11:54 +02:00
Swissky
19f138d4ad
Update README.md 2023-10-09 20:52:28 +02:00
Aadith Sukumar
a90cb7f2c7
Clickjacking Challenge 2023-10-09 11:38:37 +05:30
Aadith Sukumar
5115ac95e8
Improved References
Added Author names to references as requested in the CONTRIBUTING.md file.
2023-10-09 10:40:05 +05:30
Aadith Sukumar
2b54b5034f
Fixed Anchor in Summary 2023-10-09 09:42:20 +05:30
Aadith Sukumar
ce4affc79b
Update and rename Clickjacking.md to README.md 2023-10-09 09:40:28 +05:30
Aadith Sukumar
ad93bb5e22
Merge branch 'swisskyrepo:master' into master 2023-10-08 23:51:36 +05:30
Aadith Sukumar
bd42625b32
Create Clickjacking.md
Added a directory to discuss clickjacking attacks
2023-10-08 23:50:58 +05:30
Swissky
a71a793648
Merge pull request #676 from dahalsharad/add-wcd-exploit-description-and-image
added Web Cache Deception exploit, description and demonstrative image
2023-10-08 19:10:05 +02:00
sharad
37a4f8c977 added wcd exploit description and demonstrative image 2023-10-04 22:54:37 +05:45
Swissky
892c68e6e7 PEAR_Config example 2023-10-02 17:12:36 +02:00
Swissky
837f220264 LFI with pearcmd.php 2023-10-02 12:52:10 +02:00
Swissky
55edc9fc74 Fix MySQL duplicate cheatsheet 2023-10-01 12:45:12 +02:00
Swissky
d142587f28 Race Condition WIP + AD asreproast/kerberoasting 2023-10-01 12:42:20 +02:00
Swissky
a0475a2f45
Merge pull request #675 from nuts7/kerberoast-without-preauth
Add Kerberoasting w/o domain account
2023-09-30 18:51:19 +02:00
Swissky
485103e9bb IDOR Numeric, Hash, Wildcard and PRNG 2023-09-25 14:15:48 +02:00
Swissky
84569e18e4
Merge pull request #674 from eltociear/patch-1
Fix typo in README.md
2023-09-22 14:50:49 +02:00
nuts7
0cea24cfcb Add Kerberoasting w/o domain account
This commit add a Kerberoasting technique without domain account/credentials just a user without pre-authentication (AS_REP Roastable)
2023-09-22 13:38:28 +02:00
Ikko Eltociear Ashimine
2aaeac91f8
Fix typo in README.md
appropiate -> appropriate
2023-09-22 00:11:33 +09:00
Swissky
83f1af0af0 Command injection update 2023-09-21 13:09:57 +02:00
Swissky
e9fb4f100c Google Web Toolkit 2023-09-19 09:58:22 +02:00
Swissky
59640ba51a MYSQL Wide byte injection (GBK) 2023-09-14 10:53:37 +02:00
Swissky
64a6e3eb04
Merge pull request #672 from manesec/master
Add MYSQL Wide byte injection
2023-09-14 10:25:12 +02:00
Mane
811d71026f
Update MySQL Injection.md
fix typo
2023-09-13 08:33:03 -07:00
Mane
9574af9dd1
Update MySQL Injection.md
Add MYSQL Wide byte injection, it can test in Sqli-labs Less-32
2023-09-13 08:13:36 -07:00
Swissky
ed7c3a4e0c
Merge pull request #671 from Thy-GoD/patch-1
Add automatic shell upgrade via rustcat.
2023-09-09 10:50:33 +02:00
Thigh_GoD
c7549916b8
Update Reverse Shell Cheatsheet.md
Added small quality adjustment.
2023-09-09 03:51:35 +08:00
Thigh_GoD
cf9b9bf70c
Update Reverse Shell Cheatsheet.md
Added in automatic shell upgrade via rustcat.
2023-09-08 21:15:54 +08:00
Swissky
f9a2880ad5 Recover Public Key From Signed JWTs 2023-09-04 11:37:15 +02:00
Swissky
c030379871
Merge pull request #670 from superboy-zjc/master
Update Lodash SSTI
2023-09-03 17:30:52 +02:00
Swissky
a0c14e5299 SQL injections - WAF bypass 2023-09-03 14:26:03 +02:00
2h0ng
34da0e2708
Update Lodash SSTI
Update Lodash SSTI
2023-09-02 21:24:59 -04:00
Swissky
7752ff806f ASPNET Cookieless Bypass 2023-09-02 23:01:10 +02:00
Swissky
e879ca42a3
Merge pull request #668 from sethsec-bf/patch-1
Added CloudFox and CloudFoxable
2023-08-31 10:37:38 +02:00
Seth Art
339a51cd0d
Added CloudFox and CloudFoxable 2023-08-30 14:11:11 -04:00
Swissky
53ec79abd0 Initial Access Cheatsheet 2023-08-26 22:01:45 +02:00
Swissky
930044d7c1
Merge pull request #666 from dwisiswant0/feat/ssrf-add-tool
feat(SSRF): add tool
2023-08-26 12:50:56 +02:00
Swissky
9db39952e7
Merge pull request #667 from PakCyberbot/master-1
Update SQLite Injection.md
2023-08-26 12:50:06 +02:00
Pak Cyberbot
d5922f421c
Update SQLite Injection.md
Column names of the specified table can be more easily extracted in a better output.
Tested during the CTF
2023-08-25 15:24:52 +05:00
Dwi Siswanto
63379b9291
feat(SSRF): add tool 2023-08-25 16:34:45 +07:00
Swissky
b0dfcfd438 Hidden Parameters 2023-08-24 22:15:11 +02:00
Swissky
e2e2da74ce
Merge pull request #664 from ScriptSathi/master
feat: Add Rust reverse shell for unix
2023-08-22 18:04:31 +02:00
Tristan D'audibert
aea130a1ac Add Rust reverse shell for unix 2023-08-21 17:50:11 +02:00
cfgs
538a7b024b feat: add cognito-scanner tool for AWS pentest 2023-08-08 10:41:54 +02:00