d564c257d8
Additional check add
2021-06-29 17:26:42 +05:30
38668c44e7
Update open-redirect.yaml
...
this payload worked for me while i was hunting.
2021-06-21 10:21:44 +02:00
962959f573
Removed invalid payload
2021-06-11 22:20:01 +05:30
83ce809e8d
Updated author names
2021-06-09 17:50:56 +05:30
7cd00b6145
Removing invalid paths
2021-05-11 02:15:17 +05:30
37ac4c0924
Update top-xss-params.yaml
...
Fix more false positives.
2021-05-10 18:39:09 +00:00
dea16d4ebd
Update top-xss-params.yaml
...
Fixes an edge case false positive on AkamaiGhost servers
2021-05-10 18:20:48 +00:00
bd9997113e
Merge pull request #1430 from geeknik/patch-90
...
Update open-redirect.yaml
2021-05-07 16:18:32 +05:30
871a4107b5
Added complete payload and matcher
2021-05-07 15:21:59 +05:30
2f41002213
Update open-redirect.yaml
2021-05-06 22:38:09 +00:00
565404910b
Update top-xss-params.yaml
2021-05-06 12:55:40 +00:00
020c9a959c
Additional payload
2021-04-29 13:38:39 +05:30
be24a83a98
Simplify regex
2021-04-27 10:42:41 -04:00
1824c1df92
More flexible matching to prevent false-negatives
2021-04-27 10:38:57 -04:00
05c948eddd
Update error-based-sql-injection.yaml
2021-04-23 14:12:58 +00:00
ab46a9b2f0
Update basic-cors.yaml
...
Severity should be info.
2021-04-10 01:01:09 +03:00
0c243d188a
tags improvements
2021-04-06 13:45:46 +05:30
40fb0066c3
more reference
2021-04-02 21:38:35 +05:30
3daa03c799
Update cache-poisoning.yaml
2021-04-02 19:19:50 +05:30
5eb1e78503
Create cache-poisoning.yaml
2021-04-02 15:14:09 +02:00
8fd55de534
Update error-based-sql-injection.yaml
2021-03-21 20:28:22 +05:30
a3d7047521
Update error-based-sql-injection.yaml
...
Reverting back to raw http request. Sending encoded requests using net/http were missing blatant SQL injections.
Before:
[INF] Loading templates...
[INF] [error-based-sql-injection] Error based SQL injection (@geeknik) [high]
[INF] Loading workflows...
[INF] Using 1 rules (1 templates, 0 workflows)
[INF] No results found. Better luck next time!
After:
[INF] Loading templates...
[INF] [error-based-sql-injection] Error based SQL injection (@geeknik) [high]
[INF] Loading workflows...
[INF] Using 1 rules (1 templates, 0 workflows)
[2021-03-20 14:48:59] [error-based-sql-injection:MariaDB] [http] [high] https://REDACTED/ ') [check the manual that corresponds to your MariaDB server version]
2021-03-20 19:52:48 +00:00
0c602a56e7
Update error-based-sql-injection.yaml
2021-03-18 14:05:19 +05:30
988d0c75c9
Update error-based-sql-injection.yaml
2021-03-17 20:39:57 +00:00
019a193aec
Update error-based-sql-injection.yaml
2021-03-17 19:31:08 +00:00
be020357e8
Update error-based-sql-injection.yaml
2021-03-17 19:25:02 +00:00
99bb91c255
Update error-based-sql-injection.yaml
2021-03-17 19:19:27 +00:00
8fe5f4e1ff
Create error-based-sql-injection.yaml
...
🎉 OMG 🎉
Detect Error Based SQL Injection
Includes regex matchers + extractors for 29 Database Engines
💥 https://buymeacoffee.com/geeknik 💥
2021-03-17 17:30:53 +00:00
5241e0f960
Update open-redirect.yaml
2021-02-26 01:16:45 +05:30
8927253cb3
Improvement of the regex in open redirection template
2021-02-25 11:13:01 +01:00
07eb454de6
Update open-redirect.yaml
...
Seems a bit rude to add a production website like test.com to a template like this will generate a ton of unexpected traffic for a company who might not be expecting it or appreciating it.
2021-02-15 17:42:57 +00:00
0c82bbb53c
Update open-redirect.yaml
2021-02-14 17:12:34 +05:30
0ee8b53fb4
payload updates
2021-02-14 17:11:51 +05:30
dea2fd28dc
update name
2021-02-14 13:35:57 +05:00
01535dd36a
added new signatures for URL Redirect
...
Update double quotes with single quotes against escaping, and added new signatures
2021-02-14 13:29:18 +05:00
ec7a29957d
Adding tags to vulnerabilities and workflows
2021-02-12 11:23:01 +05:30
1468d8a52c
matcher updates
2021-01-11 12:14:22 +05:30
187e4a5feb
moving more files around
2021-01-09 18:32:04 +05:30
95d784d9b7
moving folder/files around
2021-01-08 22:25:54 +05:30
sandeep
Emad Youssef
Prince Chaddha
Geeknik Labs
Sandeep Singh
sullo
Gal Nagli
Mohamed Elbadry
sandeep
ganoes
Afaq