Robbie
|
e8fccb6dd2
|
Update README.md
added 169.254.169.254 decimal
|
2020-10-31 20:19:27 +00:00 |
Alex Lauerman
|
d5c1f39c0f
|
Added DNS Rebinding
|
2020-06-21 16:31:16 -05:00 |
Alex Lauerman
|
c39c904c9a
|
Moved bypasses under the bypasses section
|
2020-06-21 16:27:32 -05:00 |
Alex Lauerman
|
6d37ad9e2e
|
Improved Clarity of ssrf redirect
|
2020-06-21 16:19:15 -05:00 |
Swissky
|
ecf29c2cbe
|
Active Directory - Mitigations
|
2020-06-18 11:55:48 +02:00 |
bsysop
|
24981f945f
|
metadata.nicob.net not long resolve to metadata IP
```
$ dig +short metadata.nicob.net
...
```
Not resolving
|
2020-06-14 12:08:25 -03:00 |
Swissky
|
71ddb449ce
|
Windows Persistence
|
2020-06-01 21:37:32 +02:00 |
Swissky
|
4ca5e71c2f
|
Bind shell cheatsheet (Fix #194)
|
2020-05-24 14:09:46 +02:00 |
John
|
a5d220d599
|
Added SSRF bypass details
|
2020-05-13 12:19:36 -04:00 |
Techbrunch
|
3abf2aff2a
|
Update AWS SSRF tips
Added http://instance-data
|
2020-03-11 15:20:51 +01:00 |
Swissky
|
71171fa78b
|
SSRF exploiting WSGI
|
2020-01-05 22:11:28 +01:00 |
mikesiegel
|
e024afc9f7
|
Added anti-SSRF header bypass for GCP.
|
2019-12-31 15:11:58 +00:00 |
mikesiegel
|
7aa2761e3e
|
Added anti-SSRF header bypass for GCP. Similar technique works on Azure and AWS I'm guessing.
|
2019-12-31 15:07:20 +00:00 |
Alexandre ZANNI
|
54c94e0398
|
add ref for docker SSRF
|
2019-11-03 23:50:58 +01:00 |
Alexandre ZANNI
|
c6b5bbab2b
|
fix TOC links
|
2019-10-22 20:26:04 +02:00 |
Swissky
|
7159a3ded3
|
RODC dcsync note + Dumping AD Domain summary
|
2019-10-18 00:07:09 +02:00 |
Swissky
|
8eae039a28
|
netdoc:// wrapper for Java SSRF
|
2019-10-17 21:13:04 +02:00 |
Swissky
|
05b3e13098
|
SSRF for ECS
|
2019-10-12 13:30:52 +02:00 |
Swissky
|
357658371f
|
SSRF URL for Google Cloud
|
2019-10-06 20:59:58 +02:00 |
Swissky
|
5455c30ec7
|
Juicy Potato + XXE update
|
2019-09-08 19:44:51 +02:00 |
Swissky
|
b6697d8595
|
SSRF SVG + Windows Token getsystem
|
2019-08-15 18:21:06 +02:00 |
Swissky
|
05054af343
|
JWT RS256 to HS256 using pubkey to generate a signature
|
2019-07-10 20:58:50 +02:00 |
Swissky
|
144b3827ab
|
MS14-068 + /etc/security/opasswd
|
2019-06-29 17:55:13 +02:00 |
Swissky
|
9be62677b6
|
Add root user + PHP null byte version
|
2019-06-24 00:21:39 +02:00 |
Swissky
|
9c2e63818f
|
XSS without parenthesis, semi-colon + Lontara
|
2019-05-15 21:55:17 +02:00 |
Swissky
|
bab04f8587
|
Masscan + AD password in description + ZSH revshell bugfix + Mimikatz lsass.dmp
|
2019-05-12 21:34:09 +02:00 |
Swissky
|
5bb27ee889
|
SSRF Google Cloud - add ssh key
|
2019-04-22 11:35:07 +02:00 |
Swissky
|
4d3ee90eec
|
Command injection rewritten
|
2019-04-21 19:50:50 +02:00 |
Swissky
|
81f93a19c2
|
SSRF AWS Elastic Beanstak
|
2019-04-21 18:51:32 +02:00 |
Swissky
|
49b9d0aff7
|
MSQL UDF sys_exec + SSRF IP: 127.1 and 127.0.1
|
2019-04-20 20:23:40 +02:00 |
Swissky
|
b8e74fe0ba
|
Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings
|
2019-04-14 19:48:36 +02:00 |
Swissky
|
c66197903f
|
MYSQL Truncation attack + Windows search where
|
2019-04-14 19:46:34 +02:00 |
PwnFunction
|
4c6f9e21e9
|
Bypass using IPv6/IPv4 Address Embedding
|
2019-04-13 17:06:06 +05:30 |
tkmk
|
0913e8c3bd
|
Fix changed urls
|
2019-03-19 20:18:06 +08:00 |
Swissky
|
404afd1d71
|
Fix name's capitalization
|
2019-03-07 00:07:55 +01:00 |
Swissky
|
21d1fe7eee
|
Fix name - Part 1
|
2019-03-07 00:07:14 +01:00 |
Dominic
|
c0b4381c13
|
Fix anchors in README.md
|
2019-03-06 09:22:05 -05:00 |
Swissky
|
450de2c90f
|
Typo fix
|
2019-03-04 19:40:34 +01:00 |
Swissky
|
8c1c35789d
|
SQLmap tamper update
|
2019-02-10 19:07:27 +01:00 |
Swissky
|
20bf52eb6a
|
Bugfix 3 - removing the "-" in SSRF
|
2019-01-28 20:35:28 +01:00 |