Swissky
|
cde11da0c7
|
SQL Injection - Methodology
|
2024-11-15 14:48:58 +01:00 |
|
Swissky
|
48a4e5c95b
|
Normalize page header for SQLi, Upload, Cache Deception
|
2024-11-10 20:49:52 +01:00 |
|
Swissky
|
b2bb1df9a9
|
References addded for SQLi, Upload, SSTI, Type Juggling
|
2024-11-07 20:54:16 +01:00 |
|
Swissky
|
a5de8cf062
|
SQL injections references updates
|
2024-11-03 14:06:53 +01:00 |
|
Swissky
|
944fe0db7b
|
SQLmap tips moved from SQL README to their own page
|
2024-11-02 22:47:30 +01:00 |
|
NoPurposeInLife
|
873ac0e727
|
Update MySQL Injection.md
Fixed row/data extraction from MySQL Error Based - Extractvalue Function
|
2024-10-31 11:25:34 +08:00 |
|
Swissky
|
d5a6811193
|
Fix typos
|
2024-09-16 18:05:54 +02:00 |
|
Swissky
|
dd2b68b70e
|
PHP Deserialization + API keys table typo
|
2024-02-18 15:29:21 +01:00 |
|
Swissky
|
55edc9fc74
|
Fix MySQL duplicate cheatsheet
|
2023-10-01 12:45:12 +02:00 |
|
Swissky
|
d142587f28
|
Race Condition WIP + AD asreproast/kerberoasting
|
2023-10-01 12:42:20 +02:00 |
|
Swissky
|
59640ba51a
|
MYSQL Wide byte injection (GBK)
|
2023-09-14 10:53:37 +02:00 |
|
Mane
|
811d71026f
|
Update MySQL Injection.md
fix typo
|
2023-09-13 08:33:03 -07:00 |
|
Mane
|
9574af9dd1
|
Update MySQL Injection.md
Add MYSQL Wide byte injection, it can test in Sqli-labs Less-32
|
2023-09-13 08:13:36 -07:00 |
|
Swissky
|
a0c14e5299
|
SQL injections - WAF bypass
|
2023-09-03 14:26:03 +02:00 |
|
Swissky
|
6861c46fcd
|
MySQL MSSQL Oracle SQL Update
|
2023-04-14 17:45:45 +02:00 |
|
astroicers
|
119ae90db6
|
Update MySQL Injection.md
fix line 426
|
2022-01-04 14:28:17 +08:00 |
|
Alex G
|
a568270b15
|
Add NAME_CONST for MySQL Error based injection
|
2021-12-16 12:11:25 +01:00 |
|
Alvin Smith
|
335a5c42fb
|
Update MySQL Injection.md
|
2021-09-25 22:53:25 +12:00 |
|
Siddharth Reddy
|
2bdd23dc51
|
Update MySQL Injection.md
|
2020-10-29 17:03:22 +05:30 |
|
Swissky
|
a478356f43
|
MySQL Fast Exploitation using json_arrayagg()
|
2020-09-23 17:19:34 +02:00 |
|
chivato
|
29fac06023
|
From https://twitter.com/secgus
MySQL Blind Queries and Data Exfiltration via the ORDER BY clause.
|
2020-03-01 21:15:19 +00:00 |
|
nizam0906
|
a33dce0d60
|
Fixed Broken Links
|
2019-10-29 18:25:00 +05:30 |
|
nizam0906
|
7d6fab92fa
|
Update Detect columns number
Using SELECT * FROM SOME_EXISTING_TABLE Error Based
|
2019-10-29 18:11:58 +05:30 |
|
nizam0906
|
614e8a97b9
|
Updated Detect columns number
Detect columns number using LIMIT INTO Error Based
|
2019-10-29 16:48:11 +05:30 |
|
nizam0906
|
f81f9440b8
|
Added More Ways to Detect columns number
using order by or group by
using order by or group by error based
using UNION SELECT Error Based
|
2019-10-29 16:32:22 +05:30 |
|
nizam0906
|
5b59da70f7
|
Update MySQL Injection.md
Added 6 MYSQL DIOS
* Zen
* Zen WAF
* ~tr0jAn WAF
* ~tr0jAn Benchmark
* N1Z4M
* sharik
|
2019-10-25 18:11:11 +05:30 |
|
Swissky
|
5455c30ec7
|
Juicy Potato + XXE update
|
2019-09-08 19:44:51 +02:00 |
|
Swissky
|
3ca07aeb7a
|
Docker Privesc - Unix socket
|
2019-08-30 17:25:07 +02:00 |
|
Swissky
|
4a176615fe
|
CORS Misconfiguration
|
2019-08-18 12:08:51 +02:00 |
|
Swissky
|
f6564869f0
|
Fix typo in PHP Object injection
|
2019-07-05 18:42:42 +02:00 |
|
Swissky
|
f88da43e1c
|
SQL informationschema.processlist + UPNP warning + getcap -ep
|
2019-05-25 18:19:08 +02:00 |
|
Swissky
|
49b9d0aff7
|
MSQL UDF sys_exec + SSRF IP: 127.1 and 127.0.1
|
2019-04-20 20:23:40 +02:00 |
|
Swissky
|
13864bde04
|
GoGitDumper + MySQL summary rewrite
|
2019-04-15 00:49:56 +02:00 |
|
Swissky
|
c66197903f
|
MYSQL Truncation attack + Windows search where
|
2019-04-14 19:46:34 +02:00 |
|
Swissky
|
404afd1d71
|
Fix name's capitalization
|
2019-03-07 00:07:55 +01:00 |
|