Commit Graph

788 Commits

Author SHA1 Message Date
Alexandre ZANNI
525429c0d8
XPATH: add tools 2019-10-26 16:43:36 +02:00
nizam0906
f35ace93cf
Update PostgreSQL Injection.md
Updated PostgreSQL Error Based injections
2019-10-26 18:07:14 +05:30
Swissky
882eec0566
Merge pull request #109 from nizam0906/master
Added 3 yahoo jsonp endpoints
2019-10-26 11:39:57 +02:00
nizam0906
aef5bb864a
Update jsonp_endpoint.txt
Added 3 yahoo jsonp endpoints
* https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?cb=alert(1337)
* https://mempf.yahoo.co.jp/offer?position=h&callback=alert(1337)
* https://suggest-shop.yahooapis.jp/Shopping/Suggest/V1/suggester?callback=alert(1)//&appid=dj0zaiZpPVkwMDJ1RHlqOEdwdCZzPWNvbnN1bWVyc2VjcmV0Jng9M2Y-
2019-10-25 22:27:16 +05:30
Swissky
32c18fdf56
Merge pull request #108 from nizam0906/master
Added 6 MYSQL DIOS
2019-10-25 17:04:57 +02:00
nizam0906
5b59da70f7
Update MySQL Injection.md
Added 6 MYSQL DIOS
* Zen
* Zen WAF
* ~tr0jAn WAF
* ~tr0jAn Benchmark
* N1Z4M
* sharik
2019-10-25 18:11:11 +05:30
Swissky
88f020381d Out of band XPATH 2019-10-22 23:06:35 +02:00
Swissky
3464611c00
Merge pull request #107 from noraj/patch-1
fix TOC links
2019-10-22 21:41:28 +02:00
Alexandre ZANNI
c6b5bbab2b
fix TOC links 2019-10-22 20:26:04 +02:00
Swissky
727eb5cabd Drop the MIC 2019-10-21 23:00:27 +02:00
Swissky
11fc6e4bc5 NTLM relay + MS08-068 2019-10-20 22:09:36 +02:00
Hi15358
b54142c3a2
Update Reverse Shell Cheatsheet.md 2019-10-21 02:35:13 +08:00
Swissky
ed252df92e krb5.keytab + credential use summary 2019-10-20 13:25:06 +02:00
Swissky
7159a3ded3 RODC dcsync note + Dumping AD Domain summary 2019-10-18 00:07:09 +02:00
Swissky
8eae039a28 netdoc:// wrapper for Java SSRF 2019-10-17 21:13:04 +02:00
Swissky
67a68d7eac
Merge pull request #105 from Zeecka/patch-3
Add filter iconv utf16 LFI bypass tricks
2019-10-17 19:39:00 +02:00
Alex Zeecka
83caef8ee1
Add filter iconv utf16 LFI bypass tricks 2019-10-17 17:40:59 +02:00
Swissky
b22742ba9e
Merge pull request #103 from Ali-Yazdani/patch-1
Update readme.md
2019-10-16 23:35:04 +02:00
Ali Yazdani
52d02cea63
Update readme.md
Add some related security tools.
2019-10-16 14:45:42 +02:00
Swissky
6a81a130cc
Merge pull request #102 from op01/master
Update Silver Ticket
2019-10-15 19:17:03 +02:00
OOP
f0af3b4f4d
Update Active Directory Attack.md 2019-10-15 23:18:07 +07:00
Swissky
05b3e13098 SSRF for ECS 2019-10-12 13:30:52 +02:00
Swissky
57628ffd18
Merge pull request #101 from Ali-Yazdani/patch-1
Add Kubernetes file
2019-10-11 14:36:54 +02:00
Ali Yazdani
03d02ccdd6
Create readme.md
Adding Kubernetes file
2019-10-11 12:56:22 +02:00
Swissky
320a9fad31
Merge pull request #100 from noraj/patch-1
little changes
2019-10-09 20:49:20 +02:00
Alexandre ZANNI
9f463d156b
little changes
- fix exploits ToC anchor
- add nosqlilab
2019-10-09 16:53:34 +02:00
Swissky
357658371f SSRF URL for Google Cloud 2019-10-06 20:59:58 +02:00
Swissky
8b0bd4d655
Merge pull request #99 from marcan2020/patch-4
Add  Angular Automatic Sanitization
2019-10-03 16:14:06 +02:00
Swissky
54d6161c9d
Merge pull request #98 from marcan2020/patch-3
Add .NET references
2019-10-03 16:13:25 +02:00
Swissky
cb9b7a1304
Merge pull request #97 from marcan2020/patch-2
Fix dead youtube link
2019-10-03 16:13:00 +02:00
marcan2020
920da73bd7
Add Angular automatic sanitization 2019-10-02 21:24:53 -04:00
marcan2020
4f38666c35
Add .NET references 2019-10-02 20:23:37 -04:00
marcan2020
e180d1f7e6
Fix dead youtube link 2019-10-02 20:09:41 -04:00
Swissky
e1e5397d4c
Merge pull request #96 from h3xstream/master
Add local DTD section to the XXE Injection page
2019-10-02 20:41:37 +02:00
Philippe Arteau
f2beb0dbbc
Add local DTD section to the XXE Injection page 2019-10-01 18:22:42 -04:00
Swissky
6a11a6c670
Merge pull request #94 from Luci-d/patch-1
Add Spyse to network discovery
2019-09-30 14:08:00 +02:00
Mark
3fb2a9006f
Add Spyse to network discovery
1. spyse itself 
2. python wrapper - using only a part of the available functionality of spyse, but will be updated very soon.
2019-09-30 15:26:26 +04:00
Swissky
3221197b1e RCE vBulletin + findomain 2019-09-26 20:41:01 +02:00
Swissky
9a02958b51 API Key Leaks - Twitter/Twilio/Gitlab 2019-09-22 17:06:44 +02:00
Swissky
8061cdd856
Merge pull request #92 from Techbrunch/patch-2
Add XXE payload inside SVG
2019-09-18 08:12:37 +02:00
Techbrunch
8822199f65
Add XXE payload inside SVG
Source: https://portswigger.net/web-security/xxe/lab-xxe-via-file-upload
2019-09-17 16:23:14 +02:00
Swissky
a0917241ad Pebble - Server Side Template Injection 2019-09-17 15:43:13 +02:00
Swissky
e6f94af721
Update FUNDING.yml with buymeacoffee 2019-09-13 17:49:47 +02:00
Swissky
742e3204d3 SharpPersist - Windows Persistence 2019-09-13 17:38:23 +02:00
Swissky
5455c30ec7 Juicy Potato + XXE update 2019-09-08 19:44:51 +02:00
Swissky
2b1900e046 PrivEsc - sudoers + Upload PHP 2019-09-02 12:36:40 +02:00
Swissky
3ca07aeb7a Docker Privesc - Unix socket 2019-08-30 17:25:07 +02:00
Swissky
2a4c4f46b2
Merge pull request #88 from ricardojba/patch-1
Add Host/Split Unicode Normalization
2019-08-30 10:03:46 +02:00
Ricardo
0625e2aebf
Add Host/Split Unicode Normalization
Add Host/Split Exploitable Antipatterns in Unicode Normalization BH 2019 for filter bypass
2019-08-30 08:57:22 +01:00
Swissky
c6824e7aa9
Merge pull request #86 from JLLeitschuh/patch-1
Add XSS dot filter bypass with decimal IP
2019-08-29 20:12:51 +02:00