Commit Graph

39 Commits (3f46e4842639a2032e4ed0f3012694546cf1357d)

Author SHA1 Message Date
sandeep d564c257d8 Additional check add 2021-06-29 17:26:42 +05:30
Emad Youssef 38668c44e7
Update open-redirect.yaml
this payload worked for me while i was hunting.
2021-06-21 10:21:44 +02:00
sandeep 962959f573 Removed invalid payload 2021-06-11 22:20:01 +05:30
Prince Chaddha 83ce809e8d Updated author names 2021-06-09 17:50:56 +05:30
sandeep 7cd00b6145 Removing invalid paths 2021-05-11 02:15:17 +05:30
Geeknik Labs 37ac4c0924
Update top-xss-params.yaml
Fix more false positives.
2021-05-10 18:39:09 +00:00
Geeknik Labs dea16d4ebd
Update top-xss-params.yaml
Fixes an edge case false positive on AkamaiGhost servers
2021-05-10 18:20:48 +00:00
Sandeep Singh bd9997113e
Merge pull request #1430 from geeknik/patch-90
Update open-redirect.yaml
2021-05-07 16:18:32 +05:30
sandeep 871a4107b5 Added complete payload and matcher 2021-05-07 15:21:59 +05:30
Geeknik Labs 2f41002213
Update open-redirect.yaml 2021-05-06 22:38:09 +00:00
Geeknik Labs 565404910b
Update top-xss-params.yaml 2021-05-06 12:55:40 +00:00
sandeep 020c9a959c Additional payload 2021-04-29 13:38:39 +05:30
sullo be24a83a98 Simplify regex 2021-04-27 10:42:41 -04:00
sullo 1824c1df92 More flexible matching to prevent false-negatives 2021-04-27 10:38:57 -04:00
Geeknik Labs 05c948eddd
Update error-based-sql-injection.yaml 2021-04-23 14:12:58 +00:00
Gal Nagli ab46a9b2f0
Update basic-cors.yaml
Severity should be info.
2021-04-10 01:01:09 +03:00
sandeep 0c243d188a tags improvements 2021-04-06 13:45:46 +05:30
sandeep 40fb0066c3 more reference 2021-04-02 21:38:35 +05:30
sandeep 3daa03c799 Update cache-poisoning.yaml 2021-04-02 19:19:50 +05:30
Mohamed Elbadry 5eb1e78503
Create cache-poisoning.yaml 2021-04-02 15:14:09 +02:00
sandeep 8fd55de534 Update error-based-sql-injection.yaml 2021-03-21 20:28:22 +05:30
Geeknik Labs a3d7047521
Update error-based-sql-injection.yaml
Reverting back to raw http request. Sending encoded requests using net/http were missing blatant SQL injections. 

Before:

[INF] Loading templates...
[INF] [error-based-sql-injection] Error based SQL injection (@geeknik) [high]
[INF] Loading workflows...
[INF] Using 1 rules (1 templates, 0 workflows)
[INF] No results found. Better luck next time!

After:

[INF] Loading templates...
[INF] [error-based-sql-injection] Error based SQL injection (@geeknik) [high]
[INF] Loading workflows...
[INF] Using 1 rules (1 templates, 0 workflows)
[2021-03-20 14:48:59] [error-based-sql-injection:MariaDB] [http] [high] https://REDACTED/') [check the manual that corresponds to your MariaDB server version]
2021-03-20 19:52:48 +00:00
sandeep 0c602a56e7 Update error-based-sql-injection.yaml 2021-03-18 14:05:19 +05:30
Geeknik Labs 988d0c75c9
Update error-based-sql-injection.yaml 2021-03-17 20:39:57 +00:00
Geeknik Labs 019a193aec
Update error-based-sql-injection.yaml 2021-03-17 19:31:08 +00:00
Geeknik Labs be020357e8
Update error-based-sql-injection.yaml 2021-03-17 19:25:02 +00:00
Geeknik Labs 99bb91c255
Update error-based-sql-injection.yaml 2021-03-17 19:19:27 +00:00
Geeknik Labs 8fe5f4e1ff
Create error-based-sql-injection.yaml
🎉  OMG 🎉 
Detect Error Based SQL Injection
Includes regex matchers + extractors for 29 Database Engines
💥 https://buymeacoffee.com/geeknik 💥
2021-03-17 17:30:53 +00:00
sandeep 5241e0f960 Update open-redirect.yaml 2021-02-26 01:16:45 +05:30
ganoes 8927253cb3 Improvement of the regex in open redirection template 2021-02-25 11:13:01 +01:00
Geeknik Labs 07eb454de6
Update open-redirect.yaml
Seems a bit rude to add a production website like test.com to a template like this will generate a ton of unexpected traffic for a company who might not be expecting it or appreciating it.
2021-02-15 17:42:57 +00:00
sandeep 0c82bbb53c Update open-redirect.yaml 2021-02-14 17:12:34 +05:30
sandeep 0ee8b53fb4 payload updates 2021-02-14 17:11:51 +05:30
Afaq dea2fd28dc
update name 2021-02-14 13:35:57 +05:00
Afaq 01535dd36a
added new signatures for URL Redirect
Update double quotes with single quotes against escaping, and added new signatures
2021-02-14 13:29:18 +05:00
sandeep ec7a29957d Adding tags to vulnerabilities and workflows 2021-02-12 11:23:01 +05:30
team-projectdiscovery 1468d8a52c matcher updates 2021-01-11 12:14:22 +05:30
team-projectdiscovery 187e4a5feb moving more files around 2021-01-09 18:32:04 +05:30
team-projectdiscovery 95d784d9b7 moving folder/files around 2021-01-08 22:25:54 +05:30