Commit Graph

385 Commits (93f6c03b54fd239486233f0b46bba513ba1e7046)

Author SHA1 Message Date
Swissky 93f6c03b54 GraphQL + LXD/etc/passwd PrivEsc + Win firewall 2019-06-09 13:46:40 +02:00
Swissky 00f50c5f32
Merge pull request #72 from h1-ragnar/patch-1
Cloudflare XSS Bypasses by Bohdan Korzhynskyi
2019-06-06 19:03:17 +02:00
h1-ragnar edcac293a8
Cloudflare XSS Bypasses by Bohdan Korzhynskyi 2019-06-05 21:36:41 +03:00
Swissky b031115588
Merge pull request #71 from jonasw234/master
Add nginx log files for LFI log poisoning
2019-05-30 12:33:24 +02:00
Jonas Wendorf f5702467d6 Add nginx log files for LFI log poisoning 2019-05-30 12:01:24 +02:00
Swissky f88da43e1c SQL informationschema.processlist + UPNP warning + getcap -ep 2019-05-25 18:19:08 +02:00
Swissky b1a05d1aab
Create License
Fix issue #69
2019-05-25 16:27:35 +02:00
Swissky 72c96ade44
Merge pull request #70 from AlexisVLRT/master
Some link's markdown was broken
2019-05-24 17:37:39 +02:00
Alexis VIALARET 506014dd5f
Some link's markdown was broken 2019-05-24 17:15:33 +02:00
Swissky 9c2e63818f XSS without parenthesis, semi-colon + Lontara 2019-05-15 21:55:17 +02:00
Swissky cc8c7b3e70 Fix YOUTUBE and BOOKS links 2019-05-12 22:59:22 +02:00
Swissky 698cc52eaa README rewrite : BOOKS and YOUTUBE 2019-05-12 22:43:42 +02:00
Swissky b81df17589 RFI - Windows SMB allow_url_include = "Off" 2019-05-12 22:23:55 +02:00
Swissky bab04f8587 Masscan + AD password in description + ZSH revshell bugfix + Mimikatz lsass.dmp 2019-05-12 21:34:09 +02:00
Swissky 765c615efe XSS injection Summary + MSF web delivery 2019-05-12 14:22:48 +02:00
Swissky 6bc297252a
Merge pull request #67 from roman-mueller/master
Remove http:// prefix for DNS queries
2019-05-08 01:27:16 +02:00
Roman Mueller 403cb4ef65 Remove http:// prefix for DNS queries 2019-05-07 18:14:49 +02:00
Swissky 2b3f07236b XSLT in SAML 2019-04-28 13:06:59 +02:00
Swissky d0f14cbfde
Merge pull request #66 from cclauss/patch-1
Use print() function in both Python 2 and Python 3
2019-04-27 01:02:09 +02:00
cclauss a458cb397d
Use print() function in both Python 2 and Python 3
Legacy __print__ statements are syntax errors in Python 3 but __print()__ function works as expected in both Python 2 and Python 3.
2019-04-26 14:35:16 -04:00
Swissky bd861e304f
Merge pull request #65 from noraj/patch-1
add JSON headers
2019-04-25 01:16:36 +02:00
Alexandre ZANNI 0ccccd0fea
add JSON headers 2019-04-24 22:59:24 +02:00
Swissky 5bb27ee889 SSRF Google Cloud - add ssh key 2019-04-22 11:35:07 +02:00
Swissky 4d3ee90eec Command injection rewritten 2019-04-21 19:50:50 +02:00
Swissky 81f93a19c2 SSRF AWS Elastic Beanstak 2019-04-21 18:51:32 +02:00
Swissky aac5a57932
Merge pull request #64 from noraj/patch-1
add nosqli GET example
2019-04-21 14:12:06 +02:00
Swissky 9dfd7835ea mitm6 + ntlmrelayx 2019-04-21 14:08:18 +02:00
Alexandre ZANNI e467d6096a
add nosqli GET example 2019-04-21 13:00:16 +02:00
Swissky 49b9d0aff7 MSQL UDF sys_exec + SSRF IP: 127.1 and 127.0.1 2019-04-20 20:23:40 +02:00
Swissky 271cc269b6
Merge pull request #63 from BillyNoGoat/patch-1
Fixed link for google CSP bypass
2019-04-16 18:55:29 +02:00
BillyNoGoat e0dbfc1578
Fixed link for google CSP bypass 2019-04-16 11:37:59 +01:00
Swissky 13864bde04 GoGitDumper + MySQL summary rewrite 2019-04-15 00:49:56 +02:00
Swissky b4633bbb66 sudo_inject + SSTI FreeMarker + Lin PrivEsc passwords 2019-04-14 21:01:14 +02:00
Swissky b8e74fe0ba Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings 2019-04-14 19:48:36 +02:00
Swissky c66197903f MYSQL Truncation attack + Windows search where 2019-04-14 19:46:34 +02:00
Swissky ee00dc1803
Merge pull request #62 from PwnFunction/patch-1
Bypass using IPv6/IPv4 Address Embedding
2019-04-13 14:03:43 +02:00
PwnFunction 4c6f9e21e9
Bypass using IPv6/IPv4 Address Embedding 2019-04-13 17:06:06 +05:30
Swissky eb045a7d12
Merge pull request #61 from cervoise/patch-1
Update README.md
2019-04-08 23:56:45 +02:00
Cervoise 5686af951d
Update README.md
According to https://gynvael.coldwind.pl/n/php_quirks .pthm seems to be use.
2019-04-08 22:49:50 +02:00
Swissky 546ecd0e36 Linux Privesc - /etc/passwd writable 2019-04-07 23:40:36 +02:00
Swissky aaaeb3f38e
Merge pull request #60 from Zeecka/patch-2
--dc-ip to -dc-ip for psexec cmd
2019-04-03 13:59:06 +02:00
Alex Zeecka 4b79b865c9
--dc-ip to -dc-ip for psexec cmd 2019-04-03 10:45:45 +02:00
Swissky 187762fac5
Fix typo in reverse shell 2019-04-02 22:45:08 +02:00
Swissky 3af87ddf98 Reverse shell summary + golang 2019-04-02 22:43:44 +02:00
Swissky cbc57c7330
Merge pull request #58 from kisec/master
Reverse shell Golang
2019-04-01 08:29:46 +02:00
kisec 1eb57ad919 Reverse shell Golang 2019-04-01 12:01:45 +09:00
Swissky 289fa8c22b PrivEsc - Linux Task 2019-03-31 15:05:13 +02:00
Swissky bbc9029dd6 XSS in several filetype based on @__Mn1__ blogpost 2019-03-26 21:49:03 +01:00
Swissky 90b182f10f AD references - Blog Post + SSTI basic config item 2019-03-24 16:26:00 +01:00
Swissky a509909561 PostgreSQL RCE CVE-2019–9193 + ADAPE + WinPrivEsc Resources 2019-03-24 16:00:27 +01:00