Commit Graph

1288 Commits

Author SHA1 Message Date
Ricardo
604618ed41
Improve Ruby reverse shell
Now the reverse shell supports the "cd" command and maintains persistence when an error is raised.
2021-04-02 16:36:58 -04:00
Swissky
d8d26d8fb3
Merge pull request #350 from secnigma/patch-2
Added Netcat BusyBox
2021-04-01 14:31:12 +02:00
secnigma
059a866fd2
Added Netcat BusyBox
Some embedded systems like busybox won't have mkfifo present; instead, they will have mknod. This updated code can spawn reverse shell in systems that use mknod instead of mkfifo.
2021-04-01 13:27:20 +05:30
Swissky
4f89c0a6d2
Merge pull request #349 from SecGus/master
Add .ashx shell
2021-03-30 15:31:53 +02:00
chivato
2c0fff2a7a
Add .ashx shell 2021-03-30 13:56:31 +01:00
pswalia2u
209380740b
Update Reverse Shell Cheatsheet.md
Added new Bash TCP reverse shell
2021-03-28 18:58:07 +05:30
Swissky
0443babe35 Relay + MSSQL Read File 2021-03-25 18:25:02 +01:00
Swissky
f6b9d63bf8 DCOM exploitation and MSSQL CLR 2021-03-24 22:26:23 +01:00
Swissky
bd2166027e GMSA Password + Dart Reverse Shell 2021-03-24 12:44:35 +01:00
Swissky
af9f103655
Merge pull request #346 from linoskoczek/master
Fix links in XSS Injection Summary
2021-03-18 21:18:28 +01:00
linoskoczek
825295e465
Update README.md
Fix broken links in Summary
2021-03-18 19:16:59 +00:00
Swissky
5a3427cf9b
Merge pull request #345 from Tametomo/patch-1
Added additional CSV injection cases patterned after in the wild samples
2021-03-17 09:36:25 +01:00
Tametomo
126555e5f9
Update README.md
Add additional CSV test cases
2021-03-16 19:17:01 -06:00
Swissky
22a1662f60
Merge pull request #341 from cosmin-bianu/master
Fix Java payload (issue #337)
2021-03-12 12:36:19 +01:00
cosmin-bianu
13d54a5c24
Fixed Java payload
- Declared variables
- Added semicolons at the end of each line
- Fixed the bash command
2021-03-12 13:20:15 +02:00
Swissky
d61f683dc6
Merge pull request #339 from c14dd49h/patch-2
Update Active Directory Attack.md
2021-02-26 16:37:41 +01:00
c14dd49h
ca28c69e67
Update Active Directory Attack.md 2021-02-26 14:14:10 +01:00
Swissky
8d31b7240b Office Attacks 2021-02-21 20:17:57 +01:00
Swissky
e128964dd9
Merge pull request #338 from mpgn/patch-1
Add mimikatz command to protect a process after removing the protection
2021-02-17 12:32:23 +01:00
mpgn
d1c23c5863
Unload the service mimi 2021-02-17 12:21:16 +01:00
mpgn
9be371d793
add mimikatz command to protect a process again after removing the protection
fe4e984055/mimikatz/modules/kuhl_m_kernel.c (L99)
2021-02-17 12:15:47 +01:00
Swissky
f6f8ec010a
Merge pull request #336 from valenbg1/patch-1
Update Windows - Privilege Escalation.md
2021-02-10 16:36:19 +01:00
Valentín Blanco
73f6ab940c
Update Windows - Privilege Escalation.md
Adding WES-NG which is a great and updated replacement for Windows-Exploit-Suggester.
2021-02-10 15:52:41 +01:00
Swissky
1d08a7e12d
Merge pull request #335 from unkn0w/patch-1
[typo] changed sshs_config to sshd_config
2021-02-05 14:36:05 +01:00
Jakub 'unknow' Mrugalski
9244fe0480
[typo] changed sshs_config to sshd_config 2021-02-05 12:24:49 +01:00
Swissky
495a1f3ffe
Merge pull request #334 from lanjelot/git-dumper
New tool git-dumper.py
2021-02-03 15:41:27 +01:00
lanjelot
34dff949a2 Fix ToC 2021-02-04 00:47:00 +11:00
lanjelot
fd6d7f360e New tool git-dumper.py 2021-02-03 21:15:55 +11:00
Swissky
6bcd2e8a6a
Update README.md 2021-01-31 21:51:53 +01:00
Swissky
b4d8b5939f
Merge pull request #332 from kazkansouh/master
Add a one line postgres file write
2021-01-30 21:59:01 +01:00
Karim Kanso
826130946c
Add a one line postgres file write 2021-01-30 14:17:35 +00:00
Swissky
092083af5c AD - Printer Bug + Account Lock 2021-01-29 22:10:22 +01:00
Swissky
075721fa9b
Merge pull request #331 from PinkDev1/patch-2
Added EoP - $PATH Interception
2021-01-28 22:12:51 +01:00
PinkDev1
93769768e2
Added EoP - $PATH Interception 2021-01-28 19:45:54 +00:00
Swissky
ec856fec21
Merge pull request #330 from JLLeitschuh/patch-2
Add XXE via DTD file
2021-01-25 18:02:38 +01:00
Jonathan Leitschuh
92667a12a4
Add XXE via DTD file 2021-01-25 11:50:47 -05:00
Swissky
4c7dd435a6
Merge pull request #329 from PinkDev1/patch-1
API Key Leaks: Added commands for testing Mapbox API Tokens
2021-01-25 10:38:58 +01:00
PinkDev1
88aa7c9789
Added commands for testing Mapbox API Tokens 2021-01-25 04:34:40 +00:00
Swissky
2ac947e46d
Merge pull request #327 from ayomawdb/patch-2
Add PostgreSQL Check if Current User is Supperuser
2021-01-24 18:44:12 +01:00
Swissky
4e17d6c2b3
Update PostgreSQL Injection.md 2021-01-24 18:43:58 +01:00
Swissky
cd6f5493b3
Update PostgreSQL Injection.md 2021-01-24 18:43:28 +01:00
Ayoma Wijethunga
4b8dab523e
Add PostgreSQL Check if Current User is Supperuser 2021-01-24 23:09:52 +05:30
Swissky
daebeeadd2
Merge pull request #326 from ayomawdb/patch-1
Add Kubernetes Pentest Methodology Part 3
2021-01-20 11:01:42 +01:00
Ayoma Wijethunga
b04579aa30
Add Kubernetes Pentest Methodology Part 3
$subject and minor correction of a file path
2021-01-20 09:07:23 +05:30
Swissky
0675573d93
Merge pull request #325 from u0pattern/u0pattern-patch-1
SSTI Payload in Jinja2 - Arbitrary file read
2021-01-18 10:08:47 +01:00
ムハンマド
89429f9c4f
SSTI Payload in Jinja2 - Arbitrary file read 2021-01-18 11:48:38 +03:00
Swissky
d4d2ba45c2
Merge pull request #323 from lanjelot/protocol-smuggling
Add PortSwigger http-desync reborn article
2021-01-16 19:04:16 +01:00
lanjelot
c5d8f3fc4f Add PortSwigger http-desync reborn article 2021-01-17 04:23:38 +11:00
Swissky
7b943d46bc
Merge pull request #322 from lapolis/patch-1
Added closing bracket in unicode full width bypass
2021-01-15 17:42:13 +01:00
lapolis_aka_blu
6f758ba6c0
Added closing bracket in unicode full width bypass
Yeah I know it is logic to use it if you really need the closing tag. But having both brackets in your repo makes it quicker to copy paste :D
2021-01-15 16:38:51 +00:00