Commit Graph

966 Commits (4b9baf37d3f05c72d55a2d351ac283e348e771bb)

Author SHA1 Message Date
Alexandre ZANNI 93751d8650
add SSH key authentication via LDAP 2020-09-09 12:15:07 +02:00
Swissky 6c1e3402e0
Merge pull request #243 from noraj/patch-1
LDAP: fix AdmYSsion link + add 2 tutorials
2020-09-09 10:58:18 +02:00
Alexandre ZANNI 9554aa2ed9
fix AdmYSsion link + add 2 tutorials 2020-09-09 09:57:21 +02:00
Swissky bcd700c951 AWS API calls that return credentials - kmcquade 2020-09-06 17:11:30 +02:00
Swissky b5e511c03b
Merge pull request #242 from maxrodrigo/master
Fix PHP XSS data collector line breaks
2020-09-05 11:46:08 +02:00
Max Rodrigo 2f40961990 Fix PHP XSS data collector line breaks 2020-09-05 10:36:58 +02:00
Swissky 83fbdb906b
Merge pull request #240 from Laxa/master
Fix typos
2020-09-03 14:16:36 +02:00
laxa b4d9ee0634 Fix typos 2020-09-03 13:57:46 +02:00
zero77 f1d55a132a
Update Linux - Persistence.md 2020-09-02 09:43:25 +00:00
Swissky 734bb7ce98
Merge pull request #238 from cnotin/patch-1
Remove "Leaked API keys" section
2020-09-01 11:48:56 +02:00
Clément Notin 6865492a6b
Remove "Leaked API keys" section
It's in the "API Key Leaks" folder now and the content is already present there
2020-08-31 23:54:48 +02:00
Swissky 9a372ec810
Merge pull request #237 from chr-ge/master
Added missing word
2020-08-26 11:56:38 +02:00
chr-ge 88f8b7d1aa
Added missing word 2020-08-25 23:14:33 +00:00
Swissky 426c2be37e Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings into master 2020-08-25 14:39:19 +02:00
Swissky f431ea7166 HTTP Request Smuggling 2020-08-25 14:38:28 +02:00
Swissky 3ef51a12ce
Update README.md 2020-08-22 23:45:49 +02:00
Swissky 75a0f34bdc
Merge pull request #236 from Techbrunch/patch-9
Update README.md
2020-08-19 16:30:32 +02:00
Swissky 845326dd61
Merge pull request #235 from Techbrunch/patch-7
Update README.md
2020-08-19 16:30:15 +02:00
Techbrunch 502a8121b4
Update README.md
Add reference to debug tag for Jinja2
2020-08-19 14:46:43 +02:00
Techbrunch 76e6f7dc95
Update README.md
Add Handlebars payload
2020-08-19 14:20:18 +02:00
Swissky cc95f4e386 AD - Forest to Forest compromise 2020-08-18 09:33:38 +02:00
Swissky 6e526de7b4
Merge pull request #234 from justin-p/patch-1
Added GenericWrite example for values used by the Remote Connection Manager.
2020-08-17 15:35:26 +02:00
Justin Perdok f11c45650b
Update Active Directory Attack.md 2020-08-17 13:18:30 +00:00
Justin Perdok 1284715128
Update Active Directory Attack.md 2020-08-17 13:15:33 +00:00
Justin Perdok 6f3f2239fa
GenericWrite and Remote Connection Manager
Added content from https://sensepost.com/blog/2020/ace-to-rce/
2020-08-17 13:00:04 +00:00
Swissky d386790fd2
Merge pull request #233 from virenpawar/patch-1
[Update] Added 1 payload
2020-08-17 12:03:46 +02:00
Viren Pawar 0266a7dd67
[Update] Added 1 payload
Added one payload which executes without any usage of single or double quotes. Helpful when you have AngularJS injection but quotes are blocked by application.
Working proof of payload here: 

https://portswigger-labs.net/xss/angularjs.php?type=reflected&csp=0&version=1.6.0&x={{x=valueOf.name.constructor.fromCharCode;constructor.constructor(x(97,108,101,114,116,40,49,41))()}}
2020-08-15 16:29:13 +05:30
Swissky d1104d6ce1
Merge pull request #230 from bsysop/patch-2
Typo in Excel extension name
2020-08-12 12:46:49 +02:00
bsysop 93f321879f
Typo in Excel extension name 2020-08-11 21:35:36 -03:00
Swissky d00d7c9788 Banner HD with credit 2020-08-10 11:36:18 +02:00
Swissky 33129f2b4c Silver Ticket with services list 2020-08-09 19:25:03 +02:00
Swissky c7e3ea005e Powershell Remoting 2020-08-09 12:15:56 +02:00
Swissky 268b4c2d47
Merge pull request #229 from DeWaRs1206/master
Fix Corsy link URL
2020-07-29 18:08:48 +02:00
Emmanuel Iturbide fbf896edf1
Fix Corsy link URL 2020-07-29 17:53:07 +02:00
Swissky 767eb04af6 Persistence - Typo 2020-07-21 19:48:57 +02:00
Swissky ca9326b5fc Driver Privilege Escalation 2020-07-13 15:00:36 +02:00
Swissky dd40ddd233 XSS summary subentries + GraphTCP 2020-07-12 14:44:33 +02:00
Swissky 94f6e31905
Merge pull request #227 from HLOverflow/PostgresqlFilterBypass
Postgresql filter bypass
2020-07-12 10:49:22 +02:00
hloverflow 2e7b9db94b Corrected Reference to 2009 paper 2020-07-12 13:21:18 +08:00
HLOverflow 37f66cc523
add to table of content 2020-07-12 13:17:43 +08:00
hloverflow baadc6d3e9 contribute PostgreSQL bypass quotes technique 2020-07-12 13:14:26 +08:00
HLOverflow 982ac3968c
Merge pull request #1 from swisskyrepo/master
pull from main repository
2020-07-12 12:33:57 +08:00
Swissky d3f1bfa1ae
Merge pull request #209 from c14dd49h/patch-1
Update README.md
2020-07-11 10:50:04 +02:00
Swissky 2c935df34d EL Injection - SSTI 2020-07-10 15:05:13 +02:00
Swissky cd3de64c73
Merge pull request #225 from artiommocrenco/patch-1
Add TLS-PSK OpenSSL reverse shell method
2020-07-08 17:31:17 +02:00
Artiom Mocrenco 62443a3753
fix typo 2020-07-08 18:01:12 +03:00
Artiom Mocrenco 2d7d6d6eed
Add TLS-PSK OpenSSL reverse shell method 2020-07-08 17:01:38 +03:00
Swissky bb1e710806
Merge pull request #224 from marcan2020/patch-5
Add introspection without fragments
2020-07-08 10:16:18 +02:00
marcan2020 1553115e19
Add introspection without fragments 2020-07-07 22:03:01 -04:00
Swissky c1d74a1252
Merge pull request #223 from m-veljkovic/patch-1
Update README.md
2020-07-07 10:32:00 +02:00