Commit Graph

1058 Commits (e3e3ca6ba29e3305e36b904f56f5b4449858baff)

Author SHA1 Message Date
Swissky b5a758dada
Merge pull request #305 from lanjelot/master
Add missing url
2020-12-11 18:39:38 +01:00
lanjelot aaff374395 Add missing url 2020-12-12 04:26:31 +11:00
Swissky e58bfe8310
Merge pull request #304 from lanjelot/master
Add tool GitTools
2020-12-11 18:25:58 +01:00
lanjelot 4ab874d854 Add tool GitTools 2020-12-12 04:19:54 +11:00
Swissky 73fdd6e218 Mimikatz - Elevate token with LSA protection 2020-12-09 23:33:40 +01:00
Swissky 12aab45018 Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings 2020-12-08 14:31:47 +01:00
Swissky 19a2950b8d AMSI + Trust 2020-12-08 14:31:01 +01:00
Swissky 2f83ee56f4
Merge pull request #302 from noraj/patch-1
add another example of XXE in XLSX
2020-12-08 11:36:26 +01:00
Alexandre ZANNI 7733d4495e
add another example of XXE in XLSX 2020-12-08 09:50:30 +01:00
Swissky 78cc68674b
Merge pull request #296 from brnhrd/patch-1
Fix table of contents
2020-12-07 17:21:02 +01:00
Swissky f48ee0bca5 Deepce - Docker Enumeration, Escalation of Privileges and Container Escapes 2020-12-06 18:59:43 +01:00
Swissky 27050f6dd8 MSSQL Server Cheatsheet 2020-12-05 11:37:34 +01:00
Swissky e9390d1572
Merge pull request #297 from u0pattern/u0pattern-patch-1
XXE WAF Bypass Added
2020-12-04 10:21:17 +01:00
ムハンマド eb75a7e304
XXE WAF Bypass Added 2020-12-04 05:16:37 +03:00
Swissky e13f152b74 AD - Recon 2020-12-02 18:43:13 +01:00
brnhrd 15e44bdfe6
Fix table of contents 2020-12-02 14:19:59 +01:00
Swissky 3314f8bd99
Merge pull request #294 from lanjelot/add-s3-objects-check
Add tool nccgroup/s3_objects_check
2020-11-29 19:25:07 +01:00
lanjelot bca107cc64 Move duplicated tool references into one place 2020-11-30 01:38:04 +11:00
lanjelot 10e6c075f7 Add tool nccgroup/s3_objects_check 2020-11-30 01:17:15 +11:00
Swissky 7cd34d4ffa
Merge pull request #293 from cervoise/patch-1
Update README.md
2020-11-26 18:45:16 +01:00
Cervoise e9de4e9d78
Update README.md
Add the "?" trick.
2020-11-26 16:43:10 +01:00
Swissky b918095775 AzureHound 2020-11-24 12:41:34 +01:00
Swissky 13ed9c8628
Merge pull request #292 from paupaulaz/master
Puts the H1 reports at the right place
2020-11-22 12:57:27 +01:00
paupaulaz b7547cc171
Puts the H1 reports at the right place
The HackerOne reports mentioned in this doc are referring to Request Smuggling, not CSRF
2020-11-22 10:52:20 +01:00
Swissky a639121b21
Merge pull request #291 from marcan2020/patch-11
Remove unnecessary condition to extract columns
2020-11-18 10:12:53 +01:00
marcan2020 3cf44386da
Remove unnecessary condition to extract columns
Since we retrieve only the rows with a specific table name `name ='table_name', the table name won't start with `sqlite_` .
Thus, we can remove the unnecessary condition.
2020-11-17 19:59:11 -05:00
Swissky 8863292545
Merge pull request #290 from bascoe10/patch-1
Sorted the list of revshell options
2020-11-14 22:28:53 +01:00
Abass Sesay 95b07c9e3e
Sorted the list of revshell options
Miniscule change because it was grinding my grinding my gears that the list is not sorted :-)
2020-11-14 09:20:49 -08:00
Swissky a60caaefef
Merge pull request #289 from samsbp/master
Update ssrf payloads specific to java
2020-11-08 12:47:15 +01:00
PwnL0rd bde7fc738c
added link in the reference section 2020-11-08 12:00:35 +05:30
security-is-myth f3066722ee update SSRF/README.md with java payloads 2020-11-07 22:07:18 +05:30
security-is-myth 08bc3acb05 update SSRF/README.md with java payloads 2020-11-07 22:03:02 +05:30
Swissky bd184487e5 NTLM Hashcat 2020-11-06 16:20:03 +01:00
Swissky 6a82f47f32
Merge pull request #288 from bolli95/master
TWITTER.md added
2020-11-03 12:57:53 +01:00
Swissky 0492545960
Update TWITTER.md 2020-11-03 12:57:33 +01:00
Max Boll 5930efcb80 TWITTER.md added 2020-11-03 11:37:20 +01:00
Swissky f9e2512080
Merge pull request #287 from beomsu317/master
Update SQL-Injection
2020-11-03 10:38:02 +01:00
Swissky 464fbeb8f4
Merge pull request #285 from random-robbie/patch-1
Update README.md
2020-10-31 22:47:09 +01:00
Robbie e8fccb6dd2
Update README.md
added 169.254.169.254 decimal
2020-10-31 20:19:27 +00:00
Swissky 7f36bf58a4
Merge pull request #284 from akoul02/patch-1
Improved Jade payload
2020-10-31 16:47:10 +01:00
akoul02 ed944a95af
Improved Jade payload 2020-10-31 18:02:29 +03:00
Swissky 1137bfca8d Remote Desktop Services Shadowing 2020-10-30 21:10:00 +01:00
Swissky 4fe1d71ad8
Merge pull request #283 from d4rkc0nd0r/patch-9
Update MySQL Injection.md
2020-10-29 16:44:14 +01:00
Siddharth Reddy 2bdd23dc51
Update MySQL Injection.md 2020-10-29 17:03:22 +05:30
Swissky c7be142d62
Merge pull request #282 from Gorgamite/patch-3
Added winPEAS to windows privilege escalation tool
2020-10-29 12:20:55 +01:00
Gorgamite f9389d708b
Added winPEAS to windows privilege escalation tool
WinPEAS is a really thorough privesc enumeration tool for windows, you can find it here: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS/winPEASexe
It doesn't auto exploit, but it's rather thorough and effective.
2020-10-29 03:57:40 -07:00
Swissky db533aabd4
Merge pull request #280 from Gorgamite/master
Added LinPEAS to Linux Privesc.
2020-10-29 11:56:44 +01:00
Swissky 2746451408
Merge pull request #279 from Gorgamite/patch-1
Added more information on kernel exploits
2020-10-29 11:55:25 +01:00
Gorgamite ff3b45e0b7
Added LinPEAS to Linux Privesc.
I very strongly recommend adding LinPEAS to the enumeration tools. LinPEAS is arguably the best linux privesc enumeration tool out there. If you haven't used it, I'd try it out. It highlights all relevant information with color coded text, and you can pass it parameters to control the thoroughness of the scan. You should add WinPEAS for windows privesc as well.
2020-10-29 03:50:05 -07:00
Gorgamite 1b69a3ef73
Update Linux - Privilege Escalation.md 2020-10-29 03:22:08 -07:00