ch0ic3/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-12-18 18:36:10 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,963 Commits 2 Branches 6 Tags 31 MiB
eb4795047b
Commit Graph

1963 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Swissky
eb4795047b
Merge pull request #746 from TRKBKR/master 
Added oncontentvisibilityautostatechange to XSS in hidden input
 2024-11-02 11:44:08 +01:00
Swissky
89c4098dc2
Merge pull request #754 from noraj/patch-2 
SSTI: engine detection
 2024-11-02 11:42:45 +01:00
Swissky
7efac5129b
Merge pull request #742 from hansmach1ne/master 
Add LFImap tool
 2024-11-02 11:39:31 +01:00
Swissky
e3877d1979
Merge pull request #739 from FatEarthler/master 
added 'xss_alert_identifiable.txt'
 2024-11-02 11:38:30 +01:00
Swissky
acb509d436 SVG XSS fix typo from #729 + files 2024-11-02 11:27:26 +01:00
Swissky
53ba2932ab
Merge pull request #729 from noraj/patch-1 
XSS in SVG: more examples + nesting
 2024-11-02 11:21:27 +01:00
Alexandre ZANNI
eca0bd1b36
SSTI: engine detection 2024-11-01 22:20:50 +01:00
Swissky
6b8ca37452 Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings 2024-11-01 21:00:34 +01:00
Swissky
690c7764eb Moving CICD to IATT repository 2024-11-01 21:00:03 +01:00
Swissky
f11771b866
Merge pull request #753 from NoPurposeInLife/patch-2 
Update MySQL Injection.md
 2024-10-31 21:23:22 +01:00
NoPurposeInLife
873ac0e727
Update MySQL Injection.md 
Fixed row/data extraction from MySQL Error Based - Extractvalue Function
 2024-10-31 11:25:34 +08:00
ⵟⴰⵕⵉⴽ ⴱⴰⴽⵉⵕ
223d6183eb
Merge branch 'swisskyrepo:master' into master 2024-10-30 16:51:42 +00:00
Swissky
ca41c9e848 Merge pull request #752 from noraj/patch-2 2024-10-28 18:00:24 +01:00
Swissky
0f621e67d1 SQLmap reduce requests 2024-10-28 17:59:33 +01:00
Swissky
98db867333
Merge pull request #752 from noraj/patch-2 
XXE in docx/xlsx: important warning on recompression
 2024-10-28 17:03:39 +01:00
Alexandre ZANNI
6cbf58e5b0
XXE in docx/xlsx: important warning on recompression 2024-10-28 16:18:35 +01:00
Swissky
6ee918b060 SSTI update 2024-10-23 14:17:18 +02:00
Swissky
7ec97bb77e SSTI - Pages splitted by technology 2024-10-23 13:59:18 +02:00
Swissky
25a664625d Denial of Service 2024-10-23 10:06:45 +02:00
ⵟⴰⵕⵉⴽ ⴱⴰⴽⵉⵕ
faeee7270a
Update README.md 
addedd contentvisibilityautostatechange_event for hidden input
 2024-10-13 23:23:07 +01:00
Swissky
37f0740d07
Merge pull request #744 from Swastik-Swarup-Dash/typo1 
fix:Typo_Race-Condition
 2024-10-03 14:40:06 +02:00
Swastik-Swarup-Dash
bd7bd812ae fix:Typo_Race-Condition 2024-10-03 15:23:23 +05:30
Swissky
b57475f34f Moving Kubernetes from PATT to IATT 2024-10-03 11:35:54 +02:00
Swissky
8ececca282
Merge pull request #743 from Swastik-Swarup-Dash/typo 
fix:Typo_Fix namespaces
 2024-10-02 16:31:09 +02:00
Swastik-Swarup-Dash
2fa9441e37 fix:Typo_Fix namespaces 2024-10-02 17:02:52 +05:30
Mach1ne
c4a19f8a2a
Add LFImap tool 2024-09-30 22:49:44 +02:00
Swissky
d5a6811193 Fix typos 2024-09-16 18:05:54 +02:00
Swissky
d90c73c7ef Moving S3 to another repository 2024-09-15 20:48:07 +02:00
FatEarthler
975dde665a
added 'xss_alert_identifiable.txt' 
same as 'xss_alert.txt', but with identifiable payloads (e.g. alert(1992) instead of just alert(1)). This is useful in case of stored xss, when you inject all the payloads and then need to identify which payloads were successful.
 2024-09-14 22:14:45 +02:00
Swissky
c5802aad67 Fix uppercase links and anchor 2024-09-13 22:43:18 +02:00
Swissky
541d89be64 Fix broken pictures 2024-09-13 21:59:29 +02:00
Swissky
3eae8d7458 Fix typo and structure 2024-09-11 17:07:51 +02:00
Swissky
99f3557415 Randomness mt_rand + Analytics 2024-09-06 21:59:41 +02:00
Swissky
1dae291696 IIS MachineKeys + CI/CD + CSPT + ORM leak 2024-08-26 11:27:47 +02:00
Alexandre ZANNI
8e05a2dd2a
XSS in SVG: more examples + nesting 2024-06-19 14:54:19 +02:00
Swissky
314e4da963 SSRF DNS AXFR + LFI PHAR payloads + LFI iconv 2024-06-16 21:17:42 +02:00
Swissky
7e4a38a1a5
Merge pull request #725 from masquerad3r/master 
Create port_swigger_xss_cheatsheet_event_handlers.txt
 2024-06-06 17:52:33 +02:00
masquerad3r
eca067dd7e
Create port_swigger_xss_cheatsheet_event_handlers.txt 
Updated list of event handlers taken from https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#event-handlers.

Useful when the context of reflection is an HTML attribute and one quickly wants to check which attributes are reflected unfiltered by the target application.
 2024-06-06 10:46:13 +02:00
Swissky
c34a2bac15 WAF bypass moved to a separate page 2024-06-03 09:55:29 +02:00
Swissky
2e73069238 XSS Tel URI 2024-06-03 09:37:24 +02:00
Swissky
6d3fef0df3
Merge pull request #723 from cydave/master 
Add additional XSS payload in email addresses RFC5322
 2024-06-02 11:25:45 +02:00
Swissky
cb69cecd11
Merge pull request #721 from MarkCyber/master 
DBMS Identification Via Error
 2024-06-02 11:23:13 +02:00
Swissky
25c94f809a Uniqid + reset-tolkien and sandwich attack 2024-05-31 16:31:23 +02:00
dave
fcf69f8226 Add additional XSS payload in email addresses RFC5322 2024-05-31 13:27:32 +02:00
Swissky
b5251a673f XSLT payloads + Headless Browser 2024-05-31 00:07:21 +02:00
Swissky
ded1d95735 ASP Cookieless + ReDOS backtrack 2024-05-29 23:23:51 +02:00
Swissky
67adf75bc2 CSP updates + Indirect Prompt Injection 2024-05-29 15:32:58 +02:00
Mark
c3af630e1d
Update README.md 2024-05-26 10:40:54 -04:00
Mark
867f243100
Update README.md 2024-05-26 10:32:01 -04:00
Swissky
f723bcbf8a
Merge pull request #718 from idealphase/master 
Update Ruby.md
 2024-05-05 13:08:50 +02:00