Mirrors/PayloadsAllTheThings

mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-11-10 07:04:22 +00:00

Author	SHA1	Message	Date
Alvin Smith	335a5c42fb	Update MySQL Injection.md	2021-09-25 22:53:25 +12:00
sudoutopia	f18cb9b569	GROUP_CONCAT equivelent for MSSQL	2021-08-11 17:07:55 +02:00
Swissky	87be30d3b2	DB2 Injection + ADCS	2021-08-10 23:00:19 +02:00
Swissky	0443babe35	Relay + MSSQL Read File	2021-03-25 18:25:02 +01:00
Swissky	f6b9d63bf8	DCOM exploitation and MSSQL CLR	2021-03-24 22:26:23 +01:00
Karim Kanso	826130946c	Add a one line postgres file write	2021-01-30 14:17:35 +00:00
Swissky	4e17d6c2b3	Update PostgreSQL Injection.md	2021-01-24 18:43:58 +01:00
Swissky	cd6f5493b3	Update PostgreSQL Injection.md	2021-01-24 18:43:28 +01:00
Ayoma Wijethunga	4b8dab523e	Add PostgreSQL Check if Current User is Supperuser	2021-01-24 23:09:52 +05:30
marcan2020	3cf44386da	Remove unnecessary condition to extract columns Since we retrieve only the rows with a specific table name `name ='table_name', the table name won't start with `sqlite_` . Thus, we can remove the unnecessary condition.	2020-11-17 19:59:11 -05:00
Swissky	f9e2512080	Merge pull request #287 from beomsu317/master Update SQL-Injection	2020-11-03 10:38:02 +01:00
Swissky	1137bfca8d	Remote Desktop Services Shadowing	2020-10-30 21:10:00 +01:00
Siddharth Reddy	2bdd23dc51	Update MySQL Injection.md	2020-10-29 17:03:22 +05:30
Vincent Gilles	0b90094002	Fix(Docs): Correcting typos on the repo	2020-10-17 22:52:35 +02:00
Siddharth Reddy	fdc44ce84e	Update Cassandra Injection.md Broken link [Injection In Apache Cassandra – Part I - Rodolfo - EternalNoobs](https://eternalnoobs.com/injection-in-apache-cassandra-part-i/)	2020-10-09 18:10:12 +05:30
Swissky	a8319b94ff	Merge pull request #259 from SiddTim/patch-1 Update Cassandra Injection.md	2020-10-09 10:31:58 +02:00
Siddharth Reddy	f284045ba6	Update MSSQL Injection.md Broken link [Sqlinjectionwiki - MSSQL](http://www.sqlinjectionwiki.com/categories/1/mssql-sql-injection-cheat-sheet/) .	2020-10-09 12:53:21 +05:30
Siddharth Reddy	f66c53ee25	Update Cassandra Injection.md Broken link [https://hack2learn.pw/cassandra/login.php]	2020-10-09 12:45:28 +05:30
Swissky	a478356f43	MySQL Fast Exploitation using json_arrayagg()	2020-09-23 17:19:34 +02:00
Swissky	dd40ddd233	XSS summary subentries + GraphTCP	2020-07-12 14:44:33 +02:00
hloverflow	2e7b9db94b	Corrected Reference to 2009 paper	2020-07-12 13:21:18 +08:00
HLOverflow	37f66cc523	add to table of content	2020-07-12 13:17:43 +08:00
hloverflow	baadc6d3e9	contribute PostgreSQL bypass quotes technique	2020-07-12 13:14:26 +08:00
Swissky	d3f1bfa1ae	Merge pull request #209 from c14dd49h/patch-1 Update README.md	2020-07-11 10:50:04 +02:00
Swissky	5b1a79cb56	Docker device file breakout	2020-07-04 19:00:56 +02:00
Swissky	f86837ca8c	Fix #211	2020-06-24 12:10:41 +02:00
c14dd49h	5b47fc8ead	Update README.md	2020-05-27 18:53:37 +02:00
Swissky	4ca5e71c2f	Bind shell cheatsheet (Fix #194 )	2020-05-24 14:09:46 +02:00
beomsu317	4c3cb6f530	Update SQL-Injection	2020-05-14 15:29:52 +09:00
Swissky	7f1c150edd	Mimikatz Summary	2020-05-10 16:17:10 +02:00
DoI	5aad5795d2	minor spelling fix	2020-05-05 15:15:50 +12:00
DoI	53db029d4e	Added additional info to the Postgres SQLi page	2020-05-05 15:10:44 +12:00
Swissky	da5dc1299e	MSSQL Trusted Link	2020-05-01 12:06:18 +02:00
Swissky	04899355ad	Magic Hashes + SQL fuzz	2020-04-26 21:43:42 +02:00
Swissky	eaac0e748e	Fix issue #185	2020-04-21 11:31:18 +02:00
Swissky	c8c4a6e8a9	Fix issue #185	2020-04-21 11:26:49 +02:00
fuxsocy.py	009a2f9276	Update SQLite Injection.md Added new link location for the pdf.	2020-04-03 23:15:05 +00:00
chivato	29fac06023	From https://twitter.com/secgus MySQL Blind Queries and Data Exfiltration via the ORDER BY clause.	2020-03-01 21:15:19 +00:00
Swissky	55d1731897	Merge pull request #116 from nizam0906/master Added More Updates in SQL Injection	2019-10-29 17:11:28 +01:00
nizam0906	d41e0d33bd	Added Summary in Hibernate Query Language Injection	2019-10-29 19:47:42 +05:30
nizam0906	4d94e553b9	Added Summary in Cassandra Injection	2019-10-29 19:42:49 +05:30
nizam0906	fe8c7be2fb	Fixed Broken Links in SQL injection README.md	2019-10-29 19:33:09 +05:30
nizam0906	a69c2acb7d	Added Summary in SQLite Injection	2019-10-29 19:22:49 +05:30
nizam0906	4b1f7e629d	Fixed Broken Links in PostgreSQL Injection	2019-10-29 19:06:41 +05:30
nizam0906	20d6599772	Added Summary	2019-10-29 18:57:33 +05:30
nizam0906	ca59b1d217	Fixed Broken Links in MSSQL Injection Fixed Broken Links in MSSQL Injection	2019-10-29 18:44:28 +05:30
nizam0906	a33dce0d60	Fixed Broken Links	2019-10-29 18:25:00 +05:30
nizam0906	7d6fab92fa	Update Detect columns number Using SELECT * FROM SOME_EXISTING_TABLE Error Based	2019-10-29 18:11:58 +05:30
nizam0906	614e8a97b9	Updated Detect columns number Detect columns number using LIMIT INTO Error Based	2019-10-29 16:48:11 +05:30
nizam0906	f81f9440b8	Added More Ways to Detect columns number using order by or group by using order by or group by error based using UNION SELECT Error Based	2019-10-29 16:32:22 +05:30
Swissky	377aad4061	Merge pull request #115 from nizam0906/master Added List Database Administrator Accounts	2019-10-29 08:36:01 +01:00
nizam0906	bb2c247160	Added List Database Administrator Accounts SELECT datname FROM pg_database	2019-10-29 10:32:39 +05:30
Swissky	534d46d0e4	Merge pull request #113 from Q5Ca/patch-1 Add bypass WAF no equal using BETWEEN	2019-10-28 18:21:26 +01:00
duongdpt	135af74acd	Update README.md Add bypass waf using BETWEEN	2019-10-28 22:26:28 +07:00
nizam0906	3dcd4425a8	Added more PostgreSQL Injection Queries * PostgreSQL version * PostgreSQL Current User * PostgreSQL List Users * PostgreSQL List Password Hashes * PostgreSQL List Privileges * PostgreSQL database name * PostgreSQL List databases * PostgreSQL List tables * PostgreSQL List columns * PostgreSQL Stacked query	2019-10-28 16:26:49 +05:30
nizam0906	f35ace93cf	Update PostgreSQL Injection.md Updated PostgreSQL Error Based injections	2019-10-26 18:07:14 +05:30
nizam0906	5b59da70f7	Update MySQL Injection.md Added 6 MYSQL DIOS * Zen * Zen WAF * ~tr0jAn WAF * ~tr0jAn Benchmark * N1Z4M * sharik	2019-10-25 18:11:11 +05:30
Swissky	5455c30ec7	Juicy Potato + XXE update	2019-09-08 19:44:51 +02:00
Swissky	3ca07aeb7a	Docker Privesc - Unix socket	2019-08-30 17:25:07 +02:00
Swissky	8dffb59ac5	Pspy + Silver Ticket + MSSQL connect	2019-08-18 22:24:48 +02:00
Swissky	4a176615fe	CORS Misconfiguration	2019-08-18 12:08:51 +02:00
Swissky	0b9d76eb8e	HQL references	2019-07-19 19:34:23 +02:00
Swissky	f6564869f0	Fix typo in PHP Object injection	2019-07-05 18:42:42 +02:00
Swissky	13ba72f124	GraphQL + RDP Bruteforce + PostgreSQL RCE	2019-07-01 23:29:29 +02:00
Swissky	46780de750	PostgreSQL rewrite + LFI SSH	2019-06-29 19:23:34 +02:00
Elon Salfati	a4411ae086	Added 2 working sql injection lines	2019-06-28 18:16:45 +03:00
Swissky	9745e67465	HQL Injection + references update	2019-06-16 23:45:52 +02:00
Swissky	f88da43e1c	SQL informationschema.processlist + UPNP warning + getcap -ep	2019-05-25 18:19:08 +02:00
Alexis VIALARET	506014dd5f	Some link's markdown was broken	2019-05-24 17:15:33 +02:00
Swissky	49b9d0aff7	MSQL UDF sys_exec + SSRF IP: 127.1 and 127.0.1	2019-04-20 20:23:40 +02:00
Swissky	13864bde04	GoGitDumper + MySQL summary rewrite	2019-04-15 00:49:56 +02:00
Swissky	c66197903f	MYSQL Truncation attack + Windows search where	2019-04-14 19:46:34 +02:00
Swissky	a509909561	PostgreSQL RCE CVE-2019–9193 + ADAPE + WinPrivEsc Resources	2019-03-24 16:00:27 +01:00
clem9669	ea1e5a63ad	Add authentification bypass admin' -- - (variant of pre-existing)	2019-03-21 16:44:37 +00:00
tkmk	0913e8c3bd	Fix changed urls	2019-03-19 20:18:06 +08:00
Swissky	404afd1d71	Fix name's capitalization	2019-03-07 00:07:55 +01:00

1 2 3

126 commits