Commit Graph

2041 Commits

Author SHA1 Message Date
Swissky
3eae8d7458 Fix typo and structure 2024-09-11 17:07:51 +02:00
NoPurposeInLife
6602d48fad
Update deep_traversal.txt 2024-09-10 16:40:28 +08:00
Swissky
99f3557415 Randomness mt_rand + Analytics 2024-09-06 21:59:41 +02:00
Xhoenix
77f83c18b3
update quote evasion payloads 2024-09-06 19:09:46 +05:30
Mohammad Reza Omrani
d75e4fa525
Update README.md
Add CorsOne Tool on CORS Misconfiguration page
2024-09-03 13:08:02 +03:30
Swissky
1dae291696 IIS MachineKeys + CI/CD + CSPT + ORM leak 2024-08-26 11:27:47 +02:00
R4yan
0aac7e8267
Update README.md 2024-07-28 21:16:30 +02:00
Xhoenix
80707e805b
added bypass techniques 2024-07-25 11:57:43 +05:30
Xhoenix
1a475b6e1d
added bypass techniques 2024-07-15 11:58:02 +05:30
Horlad
b521dedb24
Adding r3dir tool to SSRF README.md 2024-06-27 17:01:41 +02:00
Horlad
4cf17a3fab
Update SSRF with redirect examples using r3dir README.md 2024-06-27 16:57:45 +02:00
Alexandre ZANNI
8e05a2dd2a
XSS in SVG: more examples + nesting 2024-06-19 14:54:19 +02:00
isacaya
ca3ab6eb95 Add a few XSS filter bypass cases 2024-06-19 04:21:24 +09:00
Swissky
314e4da963 SSRF DNS AXFR + LFI PHAR payloads + LFI iconv 2024-06-16 21:17:42 +02:00
Swissky
7e4a38a1a5
Merge pull request from masquerad3r/master
Create port_swigger_xss_cheatsheet_event_handlers.txt
2024-06-06 17:52:33 +02:00
masquerad3r
eca067dd7e
Create port_swigger_xss_cheatsheet_event_handlers.txt
Updated list of event handlers taken from https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#event-handlers.

Useful when the context of reflection is an HTML attribute and one quickly wants to check which attributes are reflected unfiltered by the target application.
2024-06-06 10:46:13 +02:00
Swissky
c34a2bac15 WAF bypass moved to a separate page 2024-06-03 09:55:29 +02:00
Swissky
2e73069238 XSS Tel URI 2024-06-03 09:37:24 +02:00
Swissky
6d3fef0df3
Merge pull request from cydave/master
Add additional XSS payload in email addresses RFC5322
2024-06-02 11:25:45 +02:00
Swissky
cb69cecd11
Merge pull request from MarkCyber/master
DBMS Identification Via Error
2024-06-02 11:23:13 +02:00
Swissky
25c94f809a Uniqid + reset-tolkien and sandwich attack 2024-05-31 16:31:23 +02:00
dave
fcf69f8226 Add additional XSS payload in email addresses RFC5322 2024-05-31 13:27:32 +02:00
Swissky
b5251a673f XSLT payloads + Headless Browser 2024-05-31 00:07:21 +02:00
Swissky
ded1d95735 ASP Cookieless + ReDOS backtrack 2024-05-29 23:23:51 +02:00
Swissky
67adf75bc2 CSP updates + Indirect Prompt Injection 2024-05-29 15:32:58 +02:00
Mark
c3af630e1d
Update README.md 2024-05-26 10:40:54 -04:00
Mark
867f243100
Update README.md 2024-05-26 10:32:01 -04:00
Swissky
f723bcbf8a
Merge pull request from idealphase/master
Update Ruby.md
2024-05-05 13:08:50 +02:00
Swissky
670b301b1c
Merge pull request from nojanath/master
Fix link to SecLists/content-type.txt
2024-05-05 13:07:57 +02:00
idealphase
33d9e24bed
Update Ruby.md
Change from the invalid 404 URL to the valid one. (https://pentesterlab.com/exercises/ruby_ugadget/course)
2024-05-05 16:16:36 +07:00
Jonathan Thompson
7a68102a3c Fix link to SecLists/content-type.txt 2024-05-04 11:12:54 -07:00
Swissky
53d9014b2b Regular Expression ReDoS 2024-04-25 17:37:16 +02:00
Swissky
43a8c6a037 Adding socials buttons 2024-04-24 22:02:04 +02:00
Swissky
b245d3cbdd Mkdocs accessibility and search improvement 2024-04-15 21:20:02 +02:00
Swissky
293723d49d
Merge pull request from bsysop/patch-4
Adding "Hetzner Cloud" to the Summary
2024-04-05 18:55:52 +02:00
bsysop
dc461f170e
Adding "Hetzner Cloud" to the Summary 2024-04-05 11:55:54 -03:00
Swissky
9571306b9f
Merge pull request from bsysop/patch-3
Adding Hetzner Cloud Metadata URL
2024-04-05 15:53:05 +02:00
bsysop
3c9fdec3da
Adding Hetzner Cloud Metadata URL
https://docs.hetzner.cloud/#server-metadata
2024-04-04 23:43:34 -03:00
Swissky
80dda8beeb
Merge pull request from mohnad-0b/patch-1
Update SQLite Injection.md
2024-04-03 18:15:31 +02:00
Swissky
8ef458db2a
Merge pull request from xplo1t-sec/master
bypass techniques added
2024-04-03 18:15:03 +02:00
mohnad banat
d834abe43c
Update SQLite Injection.md
Since sqlite version 3.33.0, sqlite_schema has been replaced by sqlite_master.
2024-04-01 20:46:09 +03:00
Swissky
b19dc0626a CICD - Mkdocs fixed the fonts problem 2024-03-31 16:03:48 +02:00
Swissky
55afcb12fb Removing social plugins from Mkdocs 2024-03-30 13:20:56 +01:00
Swissky
9cabd995fb
Merge pull request from mpgn/master
switch to nxc as cme is archived
2024-03-29 22:36:26 +01:00
mpgn
0d98284034 switch to nxc as cme is archived 2024-03-29 21:22:18 +00:00
xplo1t-sec
033982dc30 bypass techniques added 2024-03-09 21:46:33 +05:30
Swissky
dd2b68b70e PHP Deserialization + API keys table typo 2024-02-18 15:29:21 +01:00
Swissky
97cfeee270 Tools Update 2024-01-21 21:39:23 +01:00
Swissky
12c6531ad2 README - Update links to Internal All The Things 2024-01-12 16:18:36 +01:00
Swissky
c852118ec8 Web Cache Deception + phpt file format 2024-01-11 12:20:25 +01:00