daffainfo
/
PayloadsAllTheThings
mirror of https://github.com/daffainfo/PayloadsAllTheThings.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
790 Commits
2 Branches
3 Tags
11 MiB
Commit Graph

790 Commits (d386790fd2d4493319844a72aba82e0ebdef40c8)

Author SHA1 Message Date
Swissky d386790fd2
Merge pull request #233 from virenpawar/patch-1 
[Update] Added 1 payload
 2020-08-17 12:03:46 +02:00
Viren Pawar 0266a7dd67
[Update] Added 1 payload 
Added one payload which executes without any usage of single or double quotes. Helpful when you have AngularJS injection but quotes are blocked by application.
Working proof of payload here: 

https://portswigger-labs.net/xss/angularjs.php?type=reflected&csp=0&version=1.6.0&x={{x=valueOf.name.constructor.fromCharCode;constructor.constructor(x(97,108,101,114,116,40,49,41))()}}
 2020-08-15 16:29:13 +05:30
Swissky d1104d6ce1
Merge pull request #230 from bsysop/patch-2 
Typo in Excel extension name
 2020-08-12 12:46:49 +02:00
bsysop 93f321879f
Typo in Excel extension name 2020-08-11 21:35:36 -03:00
Swissky d00d7c9788 Banner HD with credit 2020-08-10 11:36:18 +02:00
Swissky 33129f2b4c Silver Ticket with services list 2020-08-09 19:25:03 +02:00
Swissky c7e3ea005e Powershell Remoting 2020-08-09 12:15:56 +02:00
Swissky 268b4c2d47
Merge pull request #229 from DeWaRs1206/master 
Fix Corsy link URL
 2020-07-29 18:08:48 +02:00
Emmanuel Iturbide fbf896edf1
Fix Corsy link URL 2020-07-29 17:53:07 +02:00
Swissky 767eb04af6 Persistence - Typo 2020-07-21 19:48:57 +02:00
Swissky ca9326b5fc Driver Privilege Escalation 2020-07-13 15:00:36 +02:00
Swissky dd40ddd233 XSS summary subentries + GraphTCP 2020-07-12 14:44:33 +02:00
Swissky 94f6e31905
Merge pull request #227 from HLOverflow/PostgresqlFilterBypass 
Postgresql filter bypass
 2020-07-12 10:49:22 +02:00
hloverflow 2e7b9db94b Corrected Reference to 2009 paper 2020-07-12 13:21:18 +08:00
HLOverflow 37f66cc523
add to table of content 2020-07-12 13:17:43 +08:00
hloverflow baadc6d3e9 contribute PostgreSQL bypass quotes technique 2020-07-12 13:14:26 +08:00
HLOverflow 982ac3968c
Merge pull request #1 from swisskyrepo/master 
pull from main repository
 2020-07-12 12:33:57 +08:00
Swissky d3f1bfa1ae
Merge pull request #209 from c14dd49h/patch-1 
Update README.md
 2020-07-11 10:50:04 +02:00
Swissky 2c935df34d EL Injection - SSTI 2020-07-10 15:05:13 +02:00
Swissky cd3de64c73
Merge pull request #225 from artiommocrenco/patch-1 
Add TLS-PSK OpenSSL reverse shell method
 2020-07-08 17:31:17 +02:00
Artiom Mocrenco 62443a3753
fix typo 2020-07-08 18:01:12 +03:00
Artiom Mocrenco 2d7d6d6eed
Add TLS-PSK OpenSSL reverse shell method 2020-07-08 17:01:38 +03:00
Swissky bb1e710806
Merge pull request #224 from marcan2020/patch-5 
Add introspection without fragments
 2020-07-08 10:16:18 +02:00
marcan2020 1553115e19
Add introspection without fragments 2020-07-07 22:03:01 -04:00
Swissky c1d74a1252
Merge pull request #223 from m-veljkovic/patch-1 
Update README.md
 2020-07-07 10:32:00 +02:00
Milan Veljkovic d317b46af9
Update README.md 
I met with /var/log/apache2/ more often than /var/log/apache/ and i believe if someone is following this list, the apache2 items will make a difference. Cheers !
 2020-07-06 23:43:47 +02:00
Swissky 5b1a79cb56 Docker device file breakout 2020-07-04 19:00:56 +02:00
Swissky f86837ca8c
Fix #211 2020-06-24 12:10:41 +02:00
Swissky ee43329187
Merge pull request #221 from looCiprian/patch-1 
Add jsfuck bypassing method to xss cheat sheet
 2020-06-24 12:08:56 +02:00
looCiprian 93a372cea4 Add jsfuck bypassing method to xss cheat sheet 2020-06-23 18:34:02 +02:00
Swissky e9ee3bb59b
Merge pull request #219 from clem9669/patch-4 
Add useful always existing windows file
 2020-06-23 18:00:04 +02:00
clem9669 e37aff2fcd
Add useful always existing windows file 
Adding always existing file in recent Windows machine. Ideal to test path traversal but nothing much interesting inside
 2020-06-23 14:26:46 +00:00
Swissky b9295bf504
Merge pull request #218 from noraj/patch-1 
XXE ref. refactor
 2020-06-23 15:01:26 +02:00
Alexandre ZANNI 7aef550c39
XXE ref. refactor 
- Add new refs
- Format title with date, author, etc.
- Remove dead hosts:
  - agrawalsmart7.com
  - esoln.net
 2020-06-22 15:53:07 +02:00
Swissky 6c63d9c9d9
Merge pull request #217 from alexlauerman/master 
Improved Clarity of SSRF redirect
 2020-06-22 11:06:12 +02:00
Alex Lauerman d5c1f39c0f
Added DNS Rebinding 2020-06-21 16:31:16 -05:00
Alex Lauerman c39c904c9a
Moved bypasses under the bypasses section 2020-06-21 16:27:32 -05:00
Alex Lauerman 6d37ad9e2e
Improved Clarity of ssrf redirect 2020-06-21 16:19:15 -05:00
Swissky 36bbfd877f Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings 2020-06-18 11:56:22 +02:00
Swissky ecf29c2cbe Active Directory - Mitigations 2020-06-18 11:55:48 +02:00
Swissky 29575f54f7
Merge pull request #216 from rezaduty/patch-3 
Update README.md
 2020-06-17 10:35:57 +02:00
reza.duty 010b550dec
Update README.md 2020-06-17 11:42:26 +04:30
Swissky 74325476a0
Merge pull request #215 from bsysop/patch-1 
metadata.nicob.net not long resolve to metadata IP
 2020-06-14 18:47:35 +02:00
bsysop 24981f945f
metadata.nicob.net not long resolve to metadata IP 
```
$ dig +short metadata.nicob.net
...
```

Not resolving
 2020-06-14 12:08:25 -03:00
Swissky 701219932d
Merge pull request #214 from rezaduty/patch-2 
Update README.md
 2020-06-09 18:29:02 +02:00
reza.duty 03a0bda20d
Update README.md 2020-06-09 20:05:32 +04:30
Swissky c24cb01715
Merge pull request #213 from DidierA/DidierA-patch-1 
clarification in 'bypass character filter'
 2020-06-06 00:05:13 +02:00
Didier Arenzana bd0c6847b8
clarification in 'bypass character filter' 
added the results of echo and tr commands for clarification
 2020-06-04 17:26:45 +02:00
Swissky 71ddb449ce Windows Persistence 2020-06-01 21:37:32 +02:00
Swissky 137333cef6
Merge pull request #210 from meizjm3i/meizj-PayloadsAllTheThings 
Update ERB SSTI tips
 2020-05-29 13:54:44 +02:00