Swissky
d90c73c7ef
Moving S3 to another repository
2024-09-15 20:48:07 +02:00
FatEarthler
975dde665a
added 'xss_alert_identifiable.txt'
...
same as 'xss_alert.txt', but with identifiable payloads (e.g. alert(1992) instead of just alert(1)). This is useful in case of stored xss, when you inject all the payloads and then need to identify which payloads were successful.
2024-09-14 22:14:45 +02:00
Swissky
c5802aad67
Fix uppercase links and anchor
2024-09-13 22:43:18 +02:00
Swissky
541d89be64
Fix broken pictures
2024-09-13 21:59:29 +02:00
Swissky
3eae8d7458
Fix typo and structure
2024-09-11 17:07:51 +02:00
NoPurposeInLife
6602d48fad
Update deep_traversal.txt
2024-09-10 16:40:28 +08:00
Swissky
99f3557415
Randomness mt_rand + Analytics
2024-09-06 21:59:41 +02:00
Xhoenix
77f83c18b3
update quote evasion payloads
2024-09-06 19:09:46 +05:30
Mohammad Reza Omrani
d75e4fa525
Update README.md
...
Add CorsOne Tool on CORS Misconfiguration page
2024-09-03 13:08:02 +03:30
Swissky
1dae291696
IIS MachineKeys + CI/CD + CSPT + ORM leak
2024-08-26 11:27:47 +02:00
R4yan
0aac7e8267
Update README.md
2024-07-28 21:16:30 +02:00
Xhoenix
80707e805b
added bypass techniques
2024-07-25 11:57:43 +05:30
Xhoenix
1a475b6e1d
added bypass techniques
2024-07-15 11:58:02 +05:30
Horlad
b521dedb24
Adding r3dir tool to SSRF README.md
2024-06-27 17:01:41 +02:00
Horlad
4cf17a3fab
Update SSRF with redirect examples using r3dir README.md
2024-06-27 16:57:45 +02:00
Alexandre ZANNI
8e05a2dd2a
XSS in SVG: more examples + nesting
2024-06-19 14:54:19 +02:00
isacaya
ca3ab6eb95
Add a few XSS filter bypass cases
2024-06-19 04:21:24 +09:00
Swissky
314e4da963
SSRF DNS AXFR + LFI PHAR payloads + LFI iconv
2024-06-16 21:17:42 +02:00
Swissky
7e4a38a1a5
Merge pull request #725 from masquerad3r/master
...
Create port_swigger_xss_cheatsheet_event_handlers.txt
2024-06-06 17:52:33 +02:00
masquerad3r
eca067dd7e
Create port_swigger_xss_cheatsheet_event_handlers.txt
...
Updated list of event handlers taken from https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#event-handlers .
Useful when the context of reflection is an HTML attribute and one quickly wants to check which attributes are reflected unfiltered by the target application.
2024-06-06 10:46:13 +02:00
Swissky
c34a2bac15
WAF bypass moved to a separate page
2024-06-03 09:55:29 +02:00
Swissky
2e73069238
XSS Tel URI
2024-06-03 09:37:24 +02:00
Swissky
6d3fef0df3
Merge pull request #723 from cydave/master
...
Add additional XSS payload in email addresses RFC5322
2024-06-02 11:25:45 +02:00
Swissky
cb69cecd11
Merge pull request #721 from MarkCyber/master
...
DBMS Identification Via Error
2024-06-02 11:23:13 +02:00
Swissky
25c94f809a
Uniqid + reset-tolkien and sandwich attack
2024-05-31 16:31:23 +02:00
dave
fcf69f8226
Add additional XSS payload in email addresses RFC5322
2024-05-31 13:27:32 +02:00
Swissky
b5251a673f
XSLT payloads + Headless Browser
2024-05-31 00:07:21 +02:00
Swissky
ded1d95735
ASP Cookieless + ReDOS backtrack
2024-05-29 23:23:51 +02:00
Swissky
67adf75bc2
CSP updates + Indirect Prompt Injection
2024-05-29 15:32:58 +02:00
Mark
c3af630e1d
Update README.md
2024-05-26 10:40:54 -04:00
Mark
867f243100
Update README.md
2024-05-26 10:32:01 -04:00
Swissky
f723bcbf8a
Merge pull request #718 from idealphase/master
...
Update Ruby.md
2024-05-05 13:08:50 +02:00
Swissky
670b301b1c
Merge pull request #717 from nojanath/master
...
Fix link to SecLists/content-type.txt
2024-05-05 13:07:57 +02:00
idealphase
33d9e24bed
Update Ruby.md
...
Change from the invalid 404 URL to the valid one. (https://pentesterlab.com/exercises/ruby_ugadget/course )
2024-05-05 16:16:36 +07:00
Jonathan Thompson
7a68102a3c
Fix link to SecLists/content-type.txt
2024-05-04 11:12:54 -07:00
Swissky
53d9014b2b
Regular Expression ReDoS
2024-04-25 17:37:16 +02:00
Swissky
43a8c6a037
Adding socials buttons
2024-04-24 22:02:04 +02:00
Swissky
b245d3cbdd
Mkdocs accessibility and search improvement
2024-04-15 21:20:02 +02:00
Swissky
293723d49d
Merge pull request #712 from bsysop/patch-4
...
Adding "Hetzner Cloud" to the Summary
2024-04-05 18:55:52 +02:00
bsysop
dc461f170e
Adding "Hetzner Cloud" to the Summary
2024-04-05 11:55:54 -03:00
Swissky
9571306b9f
Merge pull request #711 from bsysop/patch-3
...
Adding Hetzner Cloud Metadata URL
2024-04-05 15:53:05 +02:00
bsysop
3c9fdec3da
Adding Hetzner Cloud Metadata URL
...
https://docs.hetzner.cloud/#server-metadata
2024-04-04 23:43:34 -03:00
Swissky
80dda8beeb
Merge pull request #710 from mohnad-0b/patch-1
...
Update SQLite Injection.md
2024-04-03 18:15:31 +02:00
Swissky
8ef458db2a
Merge pull request #708 from xplo1t-sec/master
...
bypass techniques added
2024-04-03 18:15:03 +02:00
mohnad banat
d834abe43c
Update SQLite Injection.md
...
Since sqlite version 3.33.0, sqlite_schema has been replaced by sqlite_master.
2024-04-01 20:46:09 +03:00
Swissky
b19dc0626a
CICD - Mkdocs fixed the fonts problem
2024-03-31 16:03:48 +02:00
Swissky
55afcb12fb
Removing social plugins from Mkdocs
2024-03-30 13:20:56 +01:00
Swissky
9cabd995fb
Merge pull request #709 from mpgn/master
...
switch to nxc as cme is archived
2024-03-29 22:36:26 +01:00
mpgn
0d98284034
switch to nxc as cme is archived
2024-03-29 21:22:18 +00:00
xplo1t-sec
033982dc30
bypass techniques added
2024-03-09 21:46:33 +05:30