daffainfo
/
PayloadsAllTheThings
mirror of https://github.com/daffainfo/PayloadsAllTheThings.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
364 Commits
2 Branches
3 Tags
11 MiB
Commit Graph

364 Commits (0ccccd0feadee2ba371fee584093f09e3ffa98a2)

Author SHA1 Message Date
Swissky b22fd26800 Linux PrivEsc - LXD Group 2019-03-07 15:27:54 +01:00
Swissky 68df152fd3 Linux PrivEsc - Wildcard/NFS/Sudo 2019-03-07 15:09:06 +01:00
Swissky 404afd1d71 Fix name's capitalization 2019-03-07 00:07:55 +01:00
Swissky 21d1fe7eee Fix name - Part 1 2019-03-07 00:07:14 +01:00
Swissky ee334f981e Web socket + title capitalization 2019-03-07 00:03:25 +01:00
Swissky ef65f36902
Merge pull request #48 from dee-see/patch-1 
Fix anchors in README.md
 2019-03-06 16:16:08 +01:00
Dominic c0b4381c13
Fix anchors in README.md 2019-03-06 09:22:05 -05:00
Swissky f67be6ef0b
Merge pull request #47 from naliferopoulos/master 
Added GraphQL injection notes
 2019-03-06 13:53:13 +01:00
Nick Aliferopoulos 007a1eda83 Added GraphQL injection notes 2019-03-06 14:18:54 +02:00
Swissky 450de2c90f Typo fix 2019-03-04 19:40:34 +01:00
Swissky e36b15a6d7 Windows PrivEsc - Table of content update 2019-03-03 20:05:27 +01:00
Swissky ecadcf3d0f Windows PrivEsc - Full rewrite 2019-03-03 20:01:25 +01:00
Swissky 2d5b4f2193 Meterpreter generate + LaTeK XSS + Ruby Yaml 2019-03-03 16:31:17 +01:00
Swissky 6d2cd684fa Web cache deception resources update 2019-03-01 17:49:19 +01:00
Swissky 70225232c9 Polyglot Command Injection + XSS HTML file 2019-02-28 00:36:53 +01:00
Swissky a58a8113d1 Linux capabilities - setuid + read / Docker group privesc 2019-02-26 17:24:10 +01:00
Swissky abb81aba7e
Merge pull request #46 from 0xInfection/patch-2 
Added a new bypass variant + fixed a payload
 2019-02-20 08:14:27 +01:00
Infected Drake 4187f87d0d
Added a new bypass variant + fixed a payload 2019-02-20 11:17:49 +05:30
Swissky 79f2c52ef5 EICAR file 2019-02-19 21:06:23 +01:00
Swissky c14fe62d0a
Merge pull request #43 from cclauss/print-function 
Use print() function in both Python 2 and Python 3
 2019-02-19 21:01:14 +01:00
Swissky a4e695a92e
Merge pull request #44 from annnoo/patch-1 
Fixed Hack The Box-Link
 2019-02-18 13:47:12 +01:00
Anno 119c4f4712
Fixed Hack The Box-Link 
Fixed Hack The Box-Link
 2019-02-18 13:08:45 +01:00
cclauss a3ee78fb80 Use print() function in both Python 2 and Python 3 2019-02-17 23:47:18 +01:00
Swissky 4e17443d62 SQL injection - MySQL version for error based 2019-02-17 22:56:09 +01:00
Swissky 40f86d39b0 MYSQL - Extract data without columns name 2019-02-17 21:51:21 +01:00
Swissky 78c882fb34 Jenkins Grrovy + MSSQL UNC + PostgreSQL list files 2019-02-17 20:02:16 +01:00
swisskyrepo eac421432a File upload - merging old files 2019-02-15 16:00:50 +01:00
swisskyrepo 88d5af0b19 JWT - Payload detail 2019-02-11 14:04:38 +01:00
Swissky bb0177916d
Merge pull request #40 from Bo0oM/patch-1 
Fix fake xss
 2019-02-11 10:05:31 +01:00
Anton Lopanitsyn 200a2d38d8
Fix fake xss 
Actually, is not XSS.

Running scripts like <a href="data:text/html,<script>alert(location.origin)</script>">clickme</a> have location.origin "null".
 2019-02-11 09:34:13 +03:00
Swissky f2273f5cce PrivExchange attack 2019-02-10 19:51:54 +01:00
Swissky 8c1c35789d SQLmap tamper update 2019-02-10 19:07:27 +01:00
Swissky 1c37517bf3 .git/index file parsing + fix CSRF payload typo 2019-02-07 23:33:47 +01:00
Swissky 8ff2aa8aff
Merge pull request #39 from n3v4/master 
Update exif_imagetype bypass
 2019-02-07 14:01:43 +01:00
Vladislav Nechakhin 90db8b0f11 Update exif_imagetype bypass 2019-02-07 14:59:22 +07:00
Vladislav Nechakhin 7877647db1 Update exif_imagetype bypass 2019-02-07 14:51:03 +07:00
Swissky 357f8a69a8
Merge pull request #38 from n3v4/master 
Add exif_imagetype bypass
 2019-02-02 11:36:22 +01:00
Vladislav Nechakhin b30ac4e5bb Add exif_imagetype bypass 2019-02-02 17:29:04 +07:00
Swissky ffde81e2c0
Merge pull request #37 from marcan2020/patch-1 
Update MSSQL Command execution
 2019-01-29 23:14:09 +01:00
marcan2020 7068cb6edc
Update MSSQL Command execution 2019-01-29 15:25:25 -05:00
Swissky 20bf52eb6a Bugfix 3 - removing the "-" in SSRF 2019-01-28 20:35:28 +01:00
Swissky 1f502ce20d Bugfix 2 - Fixing git mess 2019-01-28 20:32:43 +01:00
Swissky b9f2fe367c Bugfix - Errors in stashed changes 2019-01-28 20:27:45 +01:00
Swissky cd2d76d538
Merge pull request #36 from ThunderSon/patch-1 
fead: add powerless repo to the tools
 2019-01-28 08:16:38 +01:00
ThunderSon 99857a714f
fead: add powerless repo to the tools 2019-01-27 20:13:06 +02:00
Swissky e07a654080 Command injection renamed + sudo/doas privesc 2019-01-22 21:45:41 +01:00
Swissky 4db45a263a MSSQL union based + Windows Runas 2019-01-20 16:41:46 +01:00
Swissky 22c82cb277
Merge pull request #35 from noraj/patch-1 
XSS using base64 encoded href data in a link
 2019-01-17 19:54:37 +01:00
Swissky ab6535c6d9 Bugfix picture SSRF 2019-01-13 22:28:49 +01:00
Swissky 1547338f84 SSRF exploitation and minor rewritting 2019-01-13 22:27:11 +01:00