Commit Graph

42 Commits

Author SHA1 Message Date
Swissky
2304101657 Normalize page header for GraphQL, Deserialization, SCM 2024-11-10 14:37:48 +01:00
Swissky
7e390265a0 References added for GWT, GraphQL, HTTP, Headless 2024-11-06 23:32:18 +01:00
Swissky
1dae291696 IIS MachineKeys + CI/CD + CSPT + ORM leak 2024-08-26 11:27:47 +02:00
idealphase
33d9e24bed
Update Ruby.md
Change from the invalid 404 URL to the valid one. (https://pentesterlab.com/exercises/ruby_ugadget/course)
2024-05-05 16:16:36 +07:00
Swissky
dd2b68b70e PHP Deserialization + API keys table typo 2024-02-18 15:29:21 +01:00
Swissky
d80068cc1b Privileged File Delete 2023-11-04 15:52:29 +01:00
Alexandre ZANNI
442d253936
fix rawsec url 2023-01-11 23:19:26 +01:00
Swissky
d67ec2469c SCCM Shares 2022-12-04 11:38:19 +01:00
romisfrag
f8ab0ca3bb
Update PHP.md
Fixed the payload (was not working because guess is size 5 instead of 4. 
Changed the name of Object to ObjectExample because Object class name is reserved
2022-11-26 14:28:06 +01:00
Swissky
cbb2137f3b ESC11 - Relay NTLM to ICPR 2022-11-21 10:48:27 +01:00
Swissky
5966c3a21b NTDS Reversible Encryption 2022-11-11 14:52:56 +01:00
Swissky
d46b436d6c
PHP Deserialization - Fix Broken Link 2022-11-04 09:44:37 +01:00
Swissky
2227472e1c .NET formatters and POP gadgets 2022-11-03 21:31:50 +01:00
Swissky
6dd5c18b45 Normalize Titles 2022-10-12 12:13:55 +02:00
Swissky
d88e32aaae .NET Deserialization 2022-10-11 21:52:46 +02:00
gdraperi
666a90ffee
Update YAML.md
Updating the actual risks for Python
2022-10-05 13:47:24 +02:00
Swissky
4ed3e3b6b9 Blind SSTI Jinja 2022-10-02 12:24:39 +02:00
Deep Dhakate
a670a26eea Update 2022-10-02 06:13:01 +00:00
Swissky
72a8556dc9 NodeJS Serialization 2022-09-23 11:21:29 +02:00
Swissky
2d30e22121 DPAPI - Data Protection API 2022-09-23 00:35:34 +02:00
Swissky
267713c0fb YAML Deserialization 2022-09-16 16:37:40 +02:00
Swissky
c7dd67986c Oracle SQL 2022-09-13 22:04:21 +02:00
Miłosz Skaza
eb933317d0 Add new ruby yaml gadget chain 2022-06-01 09:55:48 +01:00
Swissky
1a5537a044
Add warning about cPickle 2022-04-18 20:58:14 +02:00
nerrorsec
df8493e4e6
import os 2022-03-24 11:54:34 +05:45
Swissky
459f4c03fc Dependency Confusion + LDAP 2021-07-04 13:32:32 +02:00
Leon Gross
391755ec20 add new PHP deserialization resource 2021-06-25 09:51:00 +02:00
Leon Gross
70d0ae9ed6 issue #286 2021-06-25 09:41:39 +02:00
Swissky
0ba120e250 Fix #382 2021-06-23 22:14:55 +02:00
lanjelot
4dc5777c33 Add gadgetprobe tool 2020-12-18 23:03:25 +11:00
clem9669
f7c837ffdd
Adding marshalsec tool & references
Adding marshalsec tool & references
2020-10-26 14:43:16 +00:00
Muhammad Fikri Ashari
992732877f
Update PHP.md 2020-09-25 09:43:35 +07:00
Swissky
20dadc9815 PHP Phar Deserialization 2020-09-10 15:26:16 +02:00
Swissky
543f63d7de PHP POP Chain 2020-09-10 15:15:53 +02:00
Alexandre ZANNI
cb8bf8ea66
add more refs 2020-05-16 22:58:11 +02:00
Hi15358
5fec4f7c21
Update Java.md 2019-10-30 11:36:09 +08:00
marcan2020
4f38666c35
Add .NET references 2019-10-02 20:23:37 -04:00
Swissky
3221197b1e RCE vBulletin + findomain 2019-09-26 20:41:01 +02:00
Swissky
f6564869f0 Fix typo in PHP Object injection 2019-07-05 18:42:42 +02:00
Jaimin Gohel
3b4218e2a6
Added CTF writeup in reference section
Added below URL:

https://medium.com/@jaimin_gohel/ctf-writeup-php-object-injection-in-kaspersky-ctf-28a68805610d
2019-03-20 12:19:25 +05:30
tkmk
0913e8c3bd Fix changed urls 2019-03-19 20:18:06 +08:00
Swissky
404afd1d71 Fix name's capitalization 2019-03-07 00:07:55 +01:00