Alexandre ZANNI
|
c7a292c19d
|
XSS using base64 encoded href data in a link
|
2019-01-10 18:24:43 +01:00 |
|
Swissky
|
ea0bddc18a
|
Windows RCE wildcard + XSS UI redressing
|
2019-01-08 20:49:05 +01:00 |
|
Swissky
|
2e3aef1a19
|
Shell IPv6 + Sandbox credential
|
2019-01-07 18:15:45 +01:00 |
|
Swissky
|
8b39647de6
|
AWS S3 and Open redirect rewritten
|
2018-12-29 13:05:29 +01:00 |
|
Swissky
|
82d4ff6c1d
|
References added based on @ngalongc bug-bounty-references
|
2018-12-25 16:10:15 +01:00 |
|
Swissky
|
c25af52316
|
Blind XSS Angular JS
|
2018-12-24 15:09:43 +01:00 |
|
Swissky
|
a6475a19d9
|
Adding references sectio
|
2018-12-24 15:02:50 +01:00 |
|
Swissky
|
b4aff1a826
|
Architecture - Files/Intruder/Images and README + template
|
2018-12-23 00:45:45 +01:00 |
|
Swissky
|
928a454531
|
Blind XSS endpoint + SSRF Google + Nmap subdomains
|
2018-11-25 15:44:17 +01:00 |
|
Swissky
|
565b40d177
|
reGeorg + Meterpreter socks + S3 trick name
|
2018-11-24 13:49:08 +01:00 |
|
Swissky
|
a0f8e846fa
|
Blind XSS - XSS Hunter, Sleepy Puppy etc
|
2018-11-18 15:37:01 +01:00 |
|
omer citak
|
081df9b24d
|
add new attack patterns from Daniel miessler
https://github.com/danielmiessler/SecLists/edit/master/Fuzzing/Polyglots/XSS-Polyglots.txt
new attack patterns: line 1, 2, 3.
|
2018-11-16 14:45:51 +03:00 |
|
Swissky
|
af9abc6592
|
More CVE - RCE : Jenkins, JBoss, WebLogic, WebSphere
|
2018-11-15 23:13:08 +01:00 |
|
Swissky
|
ddfdc51e68
|
Credit fix - WAF bypass
|
2018-11-09 12:43:30 +01:00 |
|
Swissky
|
86db6b7f6f
|
Polyglot XSS from @filedescriptor's Polyglot Challenge
|
2018-10-31 23:41:11 +01:00 |
|
Swissky
|
4b7fe437a5
|
LDAP userPassword attribute
|
2018-10-31 22:34:10 +01:00 |
|
Swissky
|
add00c7357
|
JWT JSON Web Token + SSI files
|
2018-10-29 22:22:10 +01:00 |
|
Swissky
|
f1eefd2722
|
Script Docker RCE
|
2018-10-18 17:32:01 +02:00 |
|
Swissky
|
cce0444245
|
SQL injection - Intruders payloads
|
2018-09-21 18:44:32 +02:00 |
|
Swissky
|
2a080f82e6
|
Cassandra SQL + XSS MD + PHP Type Juggling
|
2018-09-10 20:40:43 +02:00 |
|
Swissky
|
90f4c3634e
|
PDF JS
|
2018-09-06 20:28:30 +02:00 |
|
Swissky
|
64e577b650
|
CSP bypass fix link
|
2018-09-01 15:38:57 +02:00 |
|
Swissky
|
fe52b32af8
|
XSS CSP Bypass + PostgreSQL read/write
|
2018-09-01 15:36:33 +02:00 |
|
Swissky
|
c38adaded3
|
CVE Apache Struts + XSS in Python Notebook
|
2018-08-28 18:48:26 +02:00 |
|
Swissky
|
0c707c4188
|
ImageTragick v2 + Angular 1.6+ XSS
|
2018-08-22 21:42:25 +02:00 |
|
Swissky
|
cfbe1a4469
|
SSRF Docker & Kubernetes
|
2018-08-19 16:32:26 +02:00 |
|
Swissky
|
e11339e669
|
Markdown formatting - Part 3
|
2018-08-13 13:07:37 +02:00 |
|
Swissky
|
b87e14a0ed
|
Markdown formatting - Part 2
|
2018-08-13 12:01:13 +02:00 |
|
Swissky
|
65654f81a4
|
Markdown formatting update
|
2018-08-12 23:30:22 +02:00 |
|
Swissky
|
177c12cb79
|
Multiple update in READMEs + RCE tricks
|
2018-08-12 00:17:58 +02:00 |
|
Swissky
|
644724396f
|
LaTeX display code + XSS location alternative
|
2018-08-01 21:19:18 +02:00 |
|
Isopach
|
8e26277407
|
Update README.md
Correct misspelling
|
2018-07-31 18:02:38 +09:00 |
|
Swissky
|
4a0fc27578
|
XSS Colors highlighting + JS code eval
|
2018-06-27 20:00:17 +02:00 |
|
Swissky
|
e6b5dfa3de
|
Fix README broken links
|
2018-03-25 23:51:22 +02:00 |
|
Swissky
|
d1f6e8397d
|
Refactoring XSS 0/?
|
2018-03-23 13:53:53 +01:00 |
|
Swissky
|
30019235f8
|
SQLmap tips + Active Directory attacks + SQLite injections
|
2018-03-12 09:17:31 +01:00 |
|
Swissky
|
70f38d5678
|
Payloads - Quick fix
|
2018-02-23 13:48:51 +01:00 |
|
Swissky
|
b87c3fd7ff
|
Traversal Dir + NoSQL major updates + small addons
|
2018-02-15 23:27:42 +01:00 |
|
Swissky
|
3793d91fd4
|
Mimikatz + Credential Windows + XXE update
|
2017-12-06 20:40:29 +01:00 |
|
Swissky
|
fea88a5738
|
SVG XSS + SSRF enclosed alphanumerics
|
2017-11-19 14:01:36 +01:00 |
|
Swissky
|
edd5f3601f
|
File inclusion - more intruders
|
2017-10-21 16:48:17 +02:00 |
|
Swissky
|
1ca215d5d7
|
Multiple update - LFI/RCE via phpinfo, Struts2 v2
|
2017-09-13 23:55:29 +02:00 |
|
Rakesh Mane
|
6e42b617cc
|
Update README.md
|
2017-08-07 21:22:36 +05:30 |
|
Swissky
|
dad26ce5e5
|
More Burp Intruder file - SQLi + Path traversal + XSS
|
2017-08-06 01:12:41 +02:00 |
|
Swissky
|
af48fc1ed4
|
More intruders folder - for BurpSuite
|
2017-07-30 13:42:32 +02:00 |
|
Swissky
|
8a3693855f
|
XSS Intruder + Eicar + SSRF http://0
|
2017-07-30 13:17:00 +02:00 |
|
Swissky
|
064467ecfc
|
SSTI + XSS Flash
|
2017-07-16 16:30:08 +02:00 |
|
Swissky
|
94470a2544
|
More payloads for XSS/SQL/LFI/Upload and XXE
|
2017-06-04 17:22:26 +02:00 |
|
Swissky
|
eecfc69c08
|
XSS Payload - bypass document blacklisted keyword
|
2017-03-02 17:39:15 +01:00 |
|
Swissky
|
23f00b55d5
|
Update SQL injection with Information.schema alternatives
|
2017-02-06 09:50:13 +01:00 |
|