Commit Graph

463 Commits

Author SHA1 Message Date
Alexandre ZANNI
9f463d156b
little changes
- fix exploits ToC anchor
- add nosqlilab
2019-10-09 16:53:34 +02:00
Swissky
357658371f SSRF URL for Google Cloud 2019-10-06 20:59:58 +02:00
Swissky
8b0bd4d655
Merge pull request #99 from marcan2020/patch-4
Add  Angular Automatic Sanitization
2019-10-03 16:14:06 +02:00
Swissky
54d6161c9d
Merge pull request #98 from marcan2020/patch-3
Add .NET references
2019-10-03 16:13:25 +02:00
Swissky
cb9b7a1304
Merge pull request #97 from marcan2020/patch-2
Fix dead youtube link
2019-10-03 16:13:00 +02:00
marcan2020
920da73bd7
Add Angular automatic sanitization 2019-10-02 21:24:53 -04:00
marcan2020
4f38666c35
Add .NET references 2019-10-02 20:23:37 -04:00
marcan2020
e180d1f7e6
Fix dead youtube link 2019-10-02 20:09:41 -04:00
Swissky
e1e5397d4c
Merge pull request #96 from h3xstream/master
Add local DTD section to the XXE Injection page
2019-10-02 20:41:37 +02:00
Philippe Arteau
f2beb0dbbc
Add local DTD section to the XXE Injection page 2019-10-01 18:22:42 -04:00
Swissky
6a11a6c670
Merge pull request #94 from Luci-d/patch-1
Add Spyse to network discovery
2019-09-30 14:08:00 +02:00
Mark
3fb2a9006f
Add Spyse to network discovery
1. spyse itself 
2. python wrapper - using only a part of the available functionality of spyse, but will be updated very soon.
2019-09-30 15:26:26 +04:00
Swissky
3221197b1e RCE vBulletin + findomain 2019-09-26 20:41:01 +02:00
Swissky
9a02958b51 API Key Leaks - Twitter/Twilio/Gitlab 2019-09-22 17:06:44 +02:00
Swissky
8061cdd856
Merge pull request #92 from Techbrunch/patch-2
Add XXE payload inside SVG
2019-09-18 08:12:37 +02:00
Techbrunch
8822199f65
Add XXE payload inside SVG
Source: https://portswigger.net/web-security/xxe/lab-xxe-via-file-upload
2019-09-17 16:23:14 +02:00
Swissky
a0917241ad Pebble - Server Side Template Injection 2019-09-17 15:43:13 +02:00
Swissky
e6f94af721
Update FUNDING.yml with buymeacoffee 2019-09-13 17:49:47 +02:00
Swissky
742e3204d3 SharpPersist - Windows Persistence 2019-09-13 17:38:23 +02:00
Swissky
5455c30ec7 Juicy Potato + XXE update 2019-09-08 19:44:51 +02:00
Swissky
2b1900e046 PrivEsc - sudoers + Upload PHP 2019-09-02 12:36:40 +02:00
Swissky
3ca07aeb7a Docker Privesc - Unix socket 2019-08-30 17:25:07 +02:00
Swissky
2a4c4f46b2
Merge pull request #88 from ricardojba/patch-1
Add Host/Split Unicode Normalization
2019-08-30 10:03:46 +02:00
Ricardo
0625e2aebf
Add Host/Split Unicode Normalization
Add Host/Split Exploitable Antipatterns in Unicode Normalization BH 2019 for filter bypass
2019-08-30 08:57:22 +01:00
Swissky
c6824e7aa9
Merge pull request #86 from JLLeitschuh/patch-1
Add XSS dot filter bypass with decimal IP
2019-08-29 20:12:51 +02:00
Swissky
da3bdc5f61
Merge pull request #87 from noraj/patch-1
add missing backtick
2019-08-29 10:31:47 +02:00
Alexandre ZANNI
72c54b5c1b
add missing backtick 2019-08-29 09:49:09 +02:00
Swissky
bb305d0183 Network Discovery - Masscan update 2019-08-29 01:08:26 +02:00
Jonathan Leitschuh
7b6c8d46aa
Add dot filter bypass with decimal IP 2019-08-28 13:56:55 -04:00
Swissky
6c161f26b2 JWT None alternative + MS15-051 2019-08-22 23:03:48 +02:00
Swissky
e0220d1f17
Merge pull request #85 from TH3xACE/patch-1
Update Linux - Privilege Escalation.md
2019-08-19 08:11:50 +02:00
David B
3fd0791c2a
Update Linux - Privilege Escalation.md
Adding a tool that helps with privilege escalation on linux through SUDO.
2019-08-19 00:55:30 +02:00
Swissky
8dffb59ac5 Pspy + Silver Ticket + MSSQL connect 2019-08-18 22:24:48 +02:00
Swissky
4a176615fe CORS Misconfiguration 2019-08-18 12:08:51 +02:00
Swissky
b6697d8595 SSRF SVG + Windows Token getsystem 2019-08-15 18:21:06 +02:00
Swissky
9a8b2fee8e
Merge pull request #83 from noraj/patch-3
add XXE ftp tool
2019-08-06 18:06:38 +02:00
Alexandre ZANNI
66c9d945b7
Update README.md 2019-08-06 17:28:47 +02:00
Swissky
bd449e9cea XSS PostMessage 2019-08-03 23:22:14 +02:00
Swissky
9b96c7692f XSS onpointer* 2019-08-01 14:39:15 +02:00
Swissky
a331d87ffe
Better sponsoring method 2019-07-27 13:13:10 +02:00
Swissky
6baa446144 Directory Traversal CVE 2018 Spring 2019-07-27 13:02:16 +02:00
Swissky
98124178db EoP - Juicy Potato 2019-07-26 15:29:34 +02:00
Swissky
657823a353 PTH Mitigation + Linux Smart Enumeration 2019-07-26 14:24:58 +02:00
Swissky
f6c0f226af PXE boot attack 2019-07-25 14:08:32 +02:00
Swissky
859695e2be Update PrivExchange based on chryzsh blog post 2019-07-24 14:10:58 +02:00
Swissky
a14b3af934 Active Directory - Resource Based Constrained Delegation 2019-07-22 21:45:50 +02:00
Swissky
0b9d76eb8e HQL references 2019-07-19 19:34:23 +02:00
Swissky
45af613fd9 Active Directory - Unconstrained delegation 2019-07-17 23:17:35 +02:00
Swissky
3cce80cd53 Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings 2019-07-14 14:24:00 +02:00
Swissky
382bd9acec Type Juggling - Another SHA 256 2019-07-14 14:23:20 +02:00