Commit Graph

243 Commits (992732877fa5bb0d335faeeb4f614bc24bc36f9e)

Author SHA1 Message Date
Swissky 546ecd0e36 Linux Privesc - /etc/passwd writable 2019-04-07 23:40:36 +02:00
Alex Zeecka 4b79b865c9
--dc-ip to -dc-ip for psexec cmd 2019-04-03 10:45:45 +02:00
Swissky 187762fac5
Fix typo in reverse shell 2019-04-02 22:45:08 +02:00
Swissky 3af87ddf98 Reverse shell summary + golang 2019-04-02 22:43:44 +02:00
kisec 1eb57ad919 Reverse shell Golang 2019-04-01 12:01:45 +09:00
Swissky 289fa8c22b PrivEsc - Linux Task 2019-03-31 15:05:13 +02:00
Swissky 90b182f10f AD references - Blog Post + SSTI basic config item 2019-03-24 16:26:00 +01:00
Swissky a509909561 PostgreSQL RCE CVE-2019–9193 + ADAPE + WinPrivEsc Resources 2019-03-24 16:00:27 +01:00
Swissky 5d1b8bca79 SAML exploitation + ASREP roasting + Kerbrute 2019-03-24 13:16:23 +01:00
Swissky e9489f0768 Linux Priv Esc - minor update 2019-03-18 23:19:36 +01:00
Swissky e5090f2797 Bazaar - version control system 2019-03-15 23:27:14 +01:00
Swissky ec61e99334 Linux - PrivEsc typo 2019-03-08 20:09:01 +01:00
Swissky b22fd26800 Linux PrivEsc - LXD Group 2019-03-07 15:27:54 +01:00
Swissky 68df152fd3 Linux PrivEsc - Wildcard/NFS/Sudo 2019-03-07 15:09:06 +01:00
Swissky 404afd1d71 Fix name's capitalization 2019-03-07 00:07:55 +01:00
Swissky 21d1fe7eee Fix name - Part 1 2019-03-07 00:07:14 +01:00
Swissky 450de2c90f Typo fix 2019-03-04 19:40:34 +01:00
Swissky e36b15a6d7 Windows PrivEsc - Table of content update 2019-03-03 20:05:27 +01:00
Swissky ecadcf3d0f Windows PrivEsc - Full rewrite 2019-03-03 20:01:25 +01:00
Swissky 2d5b4f2193 Meterpreter generate + LaTeK XSS + Ruby Yaml 2019-03-03 16:31:17 +01:00
Swissky 6d2cd684fa Web cache deception resources update 2019-03-01 17:49:19 +01:00
Swissky 70225232c9 Polyglot Command Injection + XSS HTML file 2019-02-28 00:36:53 +01:00
Swissky a58a8113d1 Linux capabilities - setuid + read / Docker group privesc 2019-02-26 17:24:10 +01:00
Swissky 78c882fb34 Jenkins Grrovy + MSSQL UNC + PostgreSQL list files 2019-02-17 20:02:16 +01:00
Swissky f2273f5cce PrivExchange attack 2019-02-10 19:51:54 +01:00
Swissky 8c1c35789d SQLmap tamper update 2019-02-10 19:07:27 +01:00
Swissky 1c37517bf3 .git/index file parsing + fix CSRF payload typo 2019-02-07 23:33:47 +01:00
Swissky b9f2fe367c Bugfix - Errors in stashed changes 2019-01-28 20:27:45 +01:00
ThunderSon 99857a714f
fead: add powerless repo to the tools 2019-01-27 20:13:06 +02:00
Swissky e07a654080 Command injection renamed + sudo/doas privesc 2019-01-22 21:45:41 +01:00
Swissky 4db45a263a MSSQL union based + Windows Runas 2019-01-20 16:41:46 +01:00
Swissky 3bcd3d1b3c SUID & Capabilities 2019-01-13 22:05:39 +01:00
Swissky 2e3aef1a19 Shell IPv6 + Sandbox credential 2019-01-07 18:15:45 +01:00
Swissky e480c9358d SQL wildcard '_' + CSV injection reverse shell 2018-12-26 01:02:17 +01:00
Swissky bd97c0be86 README update + Typo fix in Active Directory 2018-12-25 20:41:43 +01:00
Swissky d57d59eca7 NTLMv2 hash capturing, cracking, replaying 2018-12-25 20:35:39 +01:00
Swissky d5478d1fd6 AWS Pacu and sections + Kerberoasting details 2018-12-25 19:38:37 +01:00
Swissky b9efdb52d3 Linux - PrivEsc - First draft 2018-12-25 15:51:11 +01:00
Swissky 38c3bfbd9f Windows Priv Esc - Unquoted Path, Password looting and Powershell version 2018-12-25 15:19:45 +01:00
Swissky a6475a19d9 Adding references sectio 2018-12-24 15:02:50 +01:00
Swissky b4aff1a826 Architecture - Files/Intruder/Images and README + template 2018-12-23 00:45:45 +01:00
Swissky 69c1d601fa Kerberoasting + SQLmap write SSH key 2018-12-15 00:51:33 +01:00
Swissky 928a454531 Blind XSS endpoint + SSRF Google + Nmap subdomains 2018-11-25 15:44:17 +01:00
Swissky 1225a9a23d Metasploit Cheatsheet 2018-11-24 15:32:44 +01:00
Swissky 565b40d177 reGeorg + Meterpreter socks + S3 trick name 2018-11-24 13:49:08 +01:00
Swissky 1b2ee3e67a Subdomain enumeration - New Aquatone (Go) 2018-11-05 13:45:52 +01:00
Swissky 6bcb43e39c LDAP fix typo + LDAP attributes + LFI filter chaining 2018-11-02 13:50:56 +01:00
Swissky f1eefd2722 Script Docker RCE 2018-10-18 17:32:01 +02:00
Swissky 35d4139373 WebCache param miner file + Reverse shell Python TTY 2018-10-08 13:49:50 +02:00
Swissky f0a8b6f8b8 Koadic cheatsheet renamed to "Windows - Post Exploitation" 2018-10-04 17:39:55 +02:00
Swissky 9ebf2057c5 Koadic Cheatsheet + Linux persistence in startup .desktop file 2018-10-04 17:35:57 +02:00
Swissky 747f1d172c Reverse shell python for Windows + Lua + Awk 2018-10-02 17:17:03 +02:00
Swissky 824d8c370b Bugfix README + Can I take over xyz 2018-10-02 16:57:01 +02:00
Swissky 1c5f8889bd Network Discovery and Subdomains enumerations 2018-10-02 16:17:16 +02:00
Swissky 7b49f1b13a PHP Serialization - phpggc 2018-10-01 12:30:14 +02:00
Swissky cce0444245 SQL injection - Intruders payloads 2018-09-21 18:44:32 +02:00
Swissky 7a80647e63 Raw MD5 SQL injection + SSH Konami Code 2018-09-10 23:12:29 +02:00
Swissky beb0ce8c54 Linux Persistence + WebLogic RCE 2018-09-03 18:41:05 +02:00
Swissky f612a91bb5 LFI via Upload (race condition) + Network Pivot nmap 2018-08-26 15:43:26 +02:00
Swissky b87e14a0ed Markdown formatting - Part 2 2018-08-13 12:01:13 +02:00
Swissky 65654f81a4 Markdown formatting update 2018-08-12 23:30:22 +02:00
Swissky 177c12cb79 Multiple update in READMEs + RCE tricks 2018-08-12 00:17:58 +02:00
Swissky 644724396f LaTeX display code + XSS location alternative 2018-08-01 21:19:18 +02:00
Swissky 93f4bbb19e AD BloodHound + AD Relationship + SSRF Digital Ocean 2018-07-15 11:06:43 +02:00
Swissky cdc3adee51 PassTheTicket + OpenShare + Tools(CME example) 2018-07-08 20:03:40 +02:00
Swissky 76aefd9da2 Path traversal refactor + AD cme module msf/empire + IIS web.config 2018-07-07 12:04:55 +02:00
Swissky a7439d812d Windows port forwarding - Netsh 2018-06-09 18:56:19 +02:00
Swissky 4ad7c70e89 SSRF to XSS + Retail account Windows 2018-06-06 00:05:28 +02:00
Swissky 8eb6cb80f9 GPP decrypt + SSRF url for cloud providers 2018-05-27 22:27:31 +02:00
Swissky e261836532 Windows PrivEsc + SQLi second order + AD DiskShadow 2018-05-20 22:10:33 +02:00
Swissky f1cb7ce50e SQL Cheatsheets - Refactoring part 1 2018-05-16 23:33:14 +02:00
Swissky 81eebeaea2 AD - Ropnop Tricks 2018-05-08 22:11:36 +02:00
Swissky 6a39f25661 AD - refactor part 4 (link and src) 2018-05-06 19:07:34 +02:00
Swissky c5bbe88372 AD - refactor part3 2018-05-05 23:11:17 +02:00
Swissky 1feccf84cb AD refactor - Part 2 : summary 2018-05-05 17:41:04 +02:00
Swissky 6869c399d5 AD refactoring part1 2018-05-05 17:32:19 +02:00
Swissky 2dcffadd46 AD - Little fixes and refactor 2018-04-28 19:54:32 +02:00
Swissky cb3b298451 Oracle SQL + SQL injection updates (MS SQL/MYSQL/ GENERAL) 2018-04-27 23:31:58 +02:00
Swissky 8209d32baf Abstract for methodology 2018-04-23 21:22:11 +02:00
Swissky 54661cbd70 Bugfix - Tables Token/Brand 2018-04-23 20:55:26 +02:00
Swissky aace268267 Payment functionality - International Tests 2018-04-23 20:45:54 +02:00
Swissky 02484cee00 BUGFIX: API Payment 2018-04-23 18:46:09 +02:00
Swissky 9c5eade544 Update methodology - Bugfix 2018-04-23 18:44:49 +02:00
Swissky f832022920 Drupalgeddon2 update + Payment API in Methodology 2018-04-23 18:41:59 +02:00
Swissky f62d466340 Fix Golden Ticket 2018-04-15 16:02:27 +02:00
Swissky b8fbca3347 AD Attack - Golden Ticket + SQL/OpenRed/SSRF 2018-04-12 23:23:41 +02:00
Swissky e6b5dfa3de Fix README broken links 2018-03-25 23:51:22 +02:00
Swissky d1f6e8397d Refactoring XSS 0/? 2018-03-23 13:53:53 +01:00
Swissky 30019235f8 SQLmap tips + Active Directory attacks + SQLite injections 2018-03-12 09:17:31 +01:00
Swissky b87c3fd7ff Traversal Dir + NoSQL major updates + small addons 2018-02-15 23:27:42 +01:00
Swissky 3793d91fd4 Mimikatz + Credential Windows + XXE update 2017-12-06 20:40:29 +01:00
Swissky 2c048f7b52 SSRF Ip script + DDL & Execute Windows 2017-11-24 09:57:48 +01:00
Swissky dad26ce5e5 More Burp Intruder file - SQLi + Path traversal + XSS 2017-08-06 01:12:41 +02:00