pop3ret
4b4a630085
Changed summary and chapters
...
Changed summary to include the cheatsheet and also changed the format of the cheatsheet to be the same as the original file
2022-10-09 16:01:14 -03:00
Fabian S. Varon Valencia
c82ec3a902
update URL 0dayallday is not working, same article found in blackmarble.sh
2022-10-08 23:32:31 -05:00
Fabian S. Varon Valencia
a07468af9b
use web archive to retrieve a readable version of this website - currently unavailable
2022-10-08 23:31:43 -05:00
Fabian S. Varon Valencia
5cdc02282c
update 10 password reset flaws URL
2022-10-08 23:30:31 -05:00
Fabian S. Varon Valencia
d214af633c
remove post exploitation koadic link (not found)
2022-10-08 22:53:55 -05:00
Fabian S. Varon Valencia
ea86f20472
Add AMSI Bypass and DPAPI links
2022-10-08 22:53:35 -05:00
pop3ret
cabc51e43b
Merge branch 'swisskyrepo:master' into master
2022-10-07 07:56:54 -03:00
Swissky
522b55eec5
Update Cloud - AWS Pentest.md
2022-10-07 10:50:59 +02:00
Swissky
c06dfbec95
Merge pull request #560 from clem9669/master
...
Update XSS_Polyglots.txt
2022-10-07 00:14:29 +02:00
pop3ret
00189411d4
Merge AWSome Pentesting into Cloud - AWS Pentest
...
Merge the notes with the existing one
2022-10-06 13:43:09 -03:00
Swissky
347381d6dc
Merge pull request #565 from gdraperi/master
...
Argument Injection technique
2022-10-06 17:55:58 +02:00
Swissky
ba9eb30940
Fix links
2022-10-06 17:55:16 +02:00
gregory draperi
69c6ee87c6
Argument Injection technique
2022-10-06 16:56:44 +02:00
Swissky
655cec1f1a
Merge pull request #562 from nayeems3c/master
...
Added 2FA bypass via Force Browsing on Account Takeover branch
2022-10-05 18:46:52 +02:00
Swissky
2c10b28976
Merge pull request #561 from gdraperi/patch-2
...
Update YAML.md
2022-10-05 14:55:34 +02:00
gdraperi
666a90ffee
Update YAML.md
...
Updating the actual risks for Python
2022-10-05 13:47:24 +02:00
Nayeem Islam
7e82d93897
Added 2FA bypass via Force Browsing on Account Takeover branch
2022-10-05 17:42:01 +06:00
clem9669
2aa353a5b9
Update XSS_Polyglots.txt
...
Adding the latest BruteLogic polyglot
2022-10-05 09:45:15 +00:00
Swissky
a766679356
Merge pull request #559 from gdraperi/patch-1
...
Update README.md
2022-10-05 10:20:58 +02:00
Swissky
643374e1d7
Add reference
2022-10-05 10:20:05 +02:00
gdraperi
2d03a74555
Update README.md
...
Adding payloads for Citrix and Cisco
2022-10-05 10:06:21 +02:00
Swissky
44d761eb2c
Merge pull request #558 from CyberVarun/master
...
Added portswigger labs and reference in Command injection
2022-10-05 09:58:40 +02:00
Varun Jagtap
3022c25995
Added portswigger labs and reference
2022-10-05 12:50:10 +05:30
Swissky
c420ed6bf7
Merge pull request #553 from ndsvw/Linkfix
...
Fixed invalid hyperlink
2022-10-04 11:08:59 +02:00
Swissky
a1c783d8d2
Merge pull request #555 from mschader/patch-8
...
CVE Exploit: Add trickest CVE repo
2022-10-04 09:42:05 +02:00
Swissky
a5c91d8ed3
Merge pull request #556 from mschader/patch-9
...
Zip Slip: Add slipit to tools
2022-10-04 09:40:51 +02:00
Swissky
77b0599653
Merge pull request #554 from qligier/master
...
XXE: Improve the documentation
2022-10-03 18:44:54 +02:00
Markus
950114b9e6
Zip Slip: Add slipit to tools
2022-10-03 18:19:28 +02:00
Markus
f8d04cef3b
CVE Exploit: Add trickest CVE repo
2022-10-03 17:51:39 +02:00
Quentin Ligier
6bbdc85aa2
XXE: Improve the documentation
...
- Add two references: "OWASP XXE prevention cheat sheet" and "XXE: How to become a Jedi"
- Describe the Parameters Laugh attack
- Expand the WAF bypass method with UTF-7
- Update the summary
2022-10-03 17:14:22 +02:00
Alexander Lübeck
576322d475
Fixed invalid hyperlink
2022-10-02 15:58:16 +02:00
Swissky
bbe4bbce05
Merge pull request #552 from swisskyrepo/hacktober-methodo-rework
...
Methodology and enumeration rework
2022-10-02 13:14:35 +02:00
Swissky
99a1304af9
Methodology and enumeration rework
2022-10-02 13:13:16 +02:00
Swissky
3f1689b9bc
Merge pull request #551 from swisskyrepo/hacktober-blind-ssti
...
Blind SSTI Jinja
2022-10-02 12:27:07 +02:00
Swissky
4ed3e3b6b9
Blind SSTI Jinja
2022-10-02 12:24:39 +02:00
Swissky
444d8ad169
Merge pull request #549 from InTruder-Sec/master
...
Added PortSwigger Labs to the repo
2022-10-02 12:16:08 +02:00
Swissky
6b9f6de7dd
Merge pull request #548 from mschader/patch-7
...
Java RMI: Add remote-method-guesser to tools
2022-10-02 12:14:51 +02:00
Deep Dhakate
a670a26eea
Update
2022-10-02 06:13:01 +00:00
Shahne Rodgers
1659e7c50e
Adds more details to the HTTP request smuggling topic
...
I've tried to give a brief (and certainly not exhaustive) summary of what HTTP request smuggling actually is, HTTP/2 request smuggling attacks and James Kettle's new research on client-side desync attacks.
2022-10-02 16:12:44 +13:00
Markus
bd6a1b759a
Java RMI: Add remote-method-guesser to tools
...
This also includes slight adjustments to the README.md to adhere to the current contribution example layout
2022-10-01 22:04:49 +02:00
Deep Dhakate
9f0c70d46f
update
2022-10-01 19:56:49 +00:00
Swissky
9d1421a6c3
Merge pull request #547 from mschader/patch-6
...
Api Key Leaks: Add Trivy to tools section
2022-10-01 19:01:47 +02:00
Markus
b7d275d5b0
Api Key Leaks: Add Trivy to tools section
2022-10-01 17:20:51 +02:00
Swissky
72a8556dc9
NodeJS Serialization
2022-09-23 11:21:29 +02:00
Swissky
7a528ccb3f
Merge pull request #545 from noraj/patch-1
...
Blind NoSQL scripts
2022-09-23 00:38:05 +02:00
Alexandre ZANNI
7e2fa15462
Blind NoSQL scripts
...
- add missing menu item
- use better string interpolation for python script
- add ruby script
2022-09-23 00:36:41 +02:00
Swissky
2d30e22121
DPAPI - Data Protection API
2022-09-23 00:35:34 +02:00
Swissky
6b76c452a7
Merge pull request #544 from Processus-Thief/master
...
update hekatomb to install with pip
2022-09-22 16:12:23 +02:00
Processus Thief
8d564ff78b
update hekatomb to install with pip
...
hekatomb is now available on pypi to simplify its installation
2022-09-22 16:10:20 +02:00
Swissky
097756da1c
Merge pull request #543 from noraj/patch-1
...
add 3 template engines + add lang in menu
2022-09-21 11:42:32 +02:00