Commit Graph

1714 Commits

Author SHA1 Message Date
Swissky
382bd9acec Type Juggling - Another SHA 256 2019-07-14 14:23:20 +02:00
Swissky
ca331acba8
Merge pull request #79 from LewisArdern/patch-1
adding reference to blog
2019-07-13 00:11:10 +02:00
Lewis
dab064a583
adding reference to blog 2019-07-12 12:49:02 -07:00
Swissky
504caa3b50 SSTI by calling Popen without guessing the offset 2019-07-10 21:31:44 +02:00
Swissky
bdef021a6d Magic Hashes SHA224 and SHA256 2019-07-10 21:26:24 +02:00
Swissky
05054af343 JWT RS256 to HS256 using pubkey to generate a signature 2019-07-10 20:58:50 +02:00
Swissky
6cecb8fa7a GraphQL - Projection + Edges/Nodes 2019-07-05 21:34:04 +02:00
Swissky
f6564869f0 Fix typo in PHP Object injection 2019-07-05 18:42:42 +02:00
Swissky
13ba72f124 GraphQL + RDP Bruteforce + PostgreSQL RCE 2019-07-01 23:29:29 +02:00
Swissky
46780de750 PostgreSQL rewrite + LFI SSH 2019-06-29 19:23:34 +02:00
Swissky
144b3827ab MS14-068 + /etc/security/opasswd 2019-06-29 17:55:13 +02:00
Swissky
3b85f1b6fc UTF-8 encoding for File Inclusion 2019-06-29 11:20:17 +02:00
Swissky
b148a9c906
Merge pull request #76 from ElonSalfati/master
Added 2 working sql injection lines
2019-06-28 17:30:12 +02:00
Elon Salfati
a4411ae086
Added 2 working sql injection lines 2019-06-28 18:16:45 +03:00
Swissky
7dda79bfc1 ImageMagik Ghost Script + Typo git summary 2019-06-26 00:07:06 +02:00
Swissky
1cec6e9a35
Merge pull request #75 from scarvell/master
Added Freemarker SSTI PoC that doesn't require the use of "tags"/spaces
2019-06-24 14:32:11 +02:00
Brendan Scarvell
601db0e188 Added freemarker PoC that doesn't require spaces or tags 2019-06-24 21:38:56 +10:00
Swissky
9be62677b6 Add root user + PHP null byte version 2019-06-24 00:21:39 +02:00
Swissky
c3f96c6753 GraphQL injection : blind nosqli + sqli 2019-06-21 17:01:43 +02:00
Swissky
9745e67465 HQL Injection + references update 2019-06-16 23:45:52 +02:00
Swissky
6921cde15c
Merge pull request #73 from ahhh/patch-1
Update Windows - Privilege Escalation.md
2019-06-12 00:14:08 +02:00
Dan Borges
24a05c7098
Update Windows - Privilege Escalation.md 2019-06-11 11:51:09 -07:00
Swissky
8cec2e0ca3 Linux PrivEsc - Writable files 2019-06-10 11:09:02 +02:00
Swissky
94a60b43d6 Writable /etc/sudoers + Meterpreter autoroute 2019-06-10 11:00:54 +02:00
Swissky
a85fa5af28 Local File Include : rce via mail + kadimus 2019-06-10 00:05:47 +02:00
Swissky
5d4f65720a PrivEsc - Common Exploits 2019-06-09 20:53:41 +02:00
Swissky
e8cd11f88f plink + sshuttle : Network Pivoting Techniques 2019-06-09 18:13:15 +02:00
Swissky
adcea1a913 Linux PrivEsc + SSH persistency 2019-06-09 16:05:44 +02:00
Swissky
f5a8a6b62f Meterpreter shell 2019-06-09 14:26:14 +02:00
Swissky
93f6c03b54 GraphQL + LXD/etc/passwd PrivEsc + Win firewall 2019-06-09 13:46:40 +02:00
Swissky
00f50c5f32
Merge pull request #72 from h1-ragnar/patch-1
Cloudflare XSS Bypasses by Bohdan Korzhynskyi
2019-06-06 19:03:17 +02:00
h1-ragnar
edcac293a8
Cloudflare XSS Bypasses by Bohdan Korzhynskyi 2019-06-05 21:36:41 +03:00
Swissky
b031115588
Merge pull request #71 from jonasw234/master
Add nginx log files for LFI log poisoning
2019-05-30 12:33:24 +02:00
Jonas Wendorf
f5702467d6 Add nginx log files for LFI log poisoning 2019-05-30 12:01:24 +02:00
Swissky
f88da43e1c SQL informationschema.processlist + UPNP warning + getcap -ep 2019-05-25 18:19:08 +02:00
Swissky
b1a05d1aab
Create License
Fix issue #69
2019-05-25 16:27:35 +02:00
Swissky
72c96ade44
Merge pull request #70 from AlexisVLRT/master
Some link's markdown was broken
2019-05-24 17:37:39 +02:00
Alexis VIALARET
506014dd5f
Some link's markdown was broken 2019-05-24 17:15:33 +02:00
Swissky
9c2e63818f XSS without parenthesis, semi-colon + Lontara 2019-05-15 21:55:17 +02:00
Swissky
cc8c7b3e70 Fix YOUTUBE and BOOKS links 2019-05-12 22:59:22 +02:00
Swissky
698cc52eaa README rewrite : BOOKS and YOUTUBE 2019-05-12 22:43:42 +02:00
Swissky
b81df17589 RFI - Windows SMB allow_url_include = "Off" 2019-05-12 22:23:55 +02:00
Swissky
bab04f8587 Masscan + AD password in description + ZSH revshell bugfix + Mimikatz lsass.dmp 2019-05-12 21:34:09 +02:00
Swissky
765c615efe XSS injection Summary + MSF web delivery 2019-05-12 14:22:48 +02:00
Swissky
6bc297252a
Merge pull request #67 from roman-mueller/master
Remove http:// prefix for DNS queries
2019-05-08 01:27:16 +02:00
Roman Mueller
403cb4ef65 Remove http:// prefix for DNS queries 2019-05-07 18:14:49 +02:00
Swissky
2b3f07236b XSLT in SAML 2019-04-28 13:06:59 +02:00
Swissky
d0f14cbfde
Merge pull request #66 from cclauss/patch-1
Use print() function in both Python 2 and Python 3
2019-04-27 01:02:09 +02:00
cclauss
a458cb397d
Use print() function in both Python 2 and Python 3
Legacy __print__ statements are syntax errors in Python 3 but __print()__ function works as expected in both Python 2 and Python 3.
2019-04-26 14:35:16 -04:00
Swissky
bd861e304f
Merge pull request #65 from noraj/patch-1
add JSON headers
2019-04-25 01:16:36 +02:00