Swissky
|
0b9d76eb8e
|
HQL references
|
2019-07-19 19:34:23 +02:00 |
|
Swissky
|
45af613fd9
|
Active Directory - Unconstrained delegation
|
2019-07-17 23:17:35 +02:00 |
|
Swissky
|
3cce80cd53
|
Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings
|
2019-07-14 14:24:00 +02:00 |
|
Swissky
|
382bd9acec
|
Type Juggling - Another SHA 256
|
2019-07-14 14:23:20 +02:00 |
|
Swissky
|
ca331acba8
|
Merge pull request #79 from LewisArdern/patch-1
adding reference to blog
|
2019-07-13 00:11:10 +02:00 |
|
Lewis
|
dab064a583
|
adding reference to blog
|
2019-07-12 12:49:02 -07:00 |
|
Swissky
|
504caa3b50
|
SSTI by calling Popen without guessing the offset
|
2019-07-10 21:31:44 +02:00 |
|
Swissky
|
bdef021a6d
|
Magic Hashes SHA224 and SHA256
|
2019-07-10 21:26:24 +02:00 |
|
Swissky
|
05054af343
|
JWT RS256 to HS256 using pubkey to generate a signature
|
2019-07-10 20:58:50 +02:00 |
|
Swissky
|
6cecb8fa7a
|
GraphQL - Projection + Edges/Nodes
|
2019-07-05 21:34:04 +02:00 |
|
Swissky
|
f6564869f0
|
Fix typo in PHP Object injection
|
2019-07-05 18:42:42 +02:00 |
|
Swissky
|
13ba72f124
|
GraphQL + RDP Bruteforce + PostgreSQL RCE
|
2019-07-01 23:29:29 +02:00 |
|
Swissky
|
46780de750
|
PostgreSQL rewrite + LFI SSH
|
2019-06-29 19:23:34 +02:00 |
|
Swissky
|
144b3827ab
|
MS14-068 + /etc/security/opasswd
|
2019-06-29 17:55:13 +02:00 |
|
Swissky
|
3b85f1b6fc
|
UTF-8 encoding for File Inclusion
|
2019-06-29 11:20:17 +02:00 |
|
Swissky
|
b148a9c906
|
Merge pull request #76 from ElonSalfati/master
Added 2 working sql injection lines
|
2019-06-28 17:30:12 +02:00 |
|
Elon Salfati
|
a4411ae086
|
Added 2 working sql injection lines
|
2019-06-28 18:16:45 +03:00 |
|
Swissky
|
7dda79bfc1
|
ImageMagik Ghost Script + Typo git summary
|
2019-06-26 00:07:06 +02:00 |
|
Swissky
|
1cec6e9a35
|
Merge pull request #75 from scarvell/master
Added Freemarker SSTI PoC that doesn't require the use of "tags"/spaces
|
2019-06-24 14:32:11 +02:00 |
|
Brendan Scarvell
|
601db0e188
|
Added freemarker PoC that doesn't require spaces or tags
|
2019-06-24 21:38:56 +10:00 |
|
Swissky
|
9be62677b6
|
Add root user + PHP null byte version
|
2019-06-24 00:21:39 +02:00 |
|
Swissky
|
c3f96c6753
|
GraphQL injection : blind nosqli + sqli
|
2019-06-21 17:01:43 +02:00 |
|
Swissky
|
9745e67465
|
HQL Injection + references update
|
2019-06-16 23:45:52 +02:00 |
|
Swissky
|
6921cde15c
|
Merge pull request #73 from ahhh/patch-1
Update Windows - Privilege Escalation.md
|
2019-06-12 00:14:08 +02:00 |
|
Dan Borges
|
24a05c7098
|
Update Windows - Privilege Escalation.md
|
2019-06-11 11:51:09 -07:00 |
|
Swissky
|
8cec2e0ca3
|
Linux PrivEsc - Writable files
|
2019-06-10 11:09:02 +02:00 |
|
Swissky
|
94a60b43d6
|
Writable /etc/sudoers + Meterpreter autoroute
|
2019-06-10 11:00:54 +02:00 |
|
Swissky
|
a85fa5af28
|
Local File Include : rce via mail + kadimus
|
2019-06-10 00:05:47 +02:00 |
|
Swissky
|
5d4f65720a
|
PrivEsc - Common Exploits
|
2019-06-09 20:53:41 +02:00 |
|
Swissky
|
e8cd11f88f
|
plink + sshuttle : Network Pivoting Techniques
|
2019-06-09 18:13:15 +02:00 |
|
Swissky
|
adcea1a913
|
Linux PrivEsc + SSH persistency
|
2019-06-09 16:05:44 +02:00 |
|
Swissky
|
f5a8a6b62f
|
Meterpreter shell
|
2019-06-09 14:26:14 +02:00 |
|
Swissky
|
93f6c03b54
|
GraphQL + LXD/etc/passwd PrivEsc + Win firewall
|
2019-06-09 13:46:40 +02:00 |
|
Swissky
|
00f50c5f32
|
Merge pull request #72 from h1-ragnar/patch-1
Cloudflare XSS Bypasses by Bohdan Korzhynskyi
|
2019-06-06 19:03:17 +02:00 |
|
h1-ragnar
|
edcac293a8
|
Cloudflare XSS Bypasses by Bohdan Korzhynskyi
|
2019-06-05 21:36:41 +03:00 |
|
Swissky
|
b031115588
|
Merge pull request #71 from jonasw234/master
Add nginx log files for LFI log poisoning
|
2019-05-30 12:33:24 +02:00 |
|
Jonas Wendorf
|
f5702467d6
|
Add nginx log files for LFI log poisoning
|
2019-05-30 12:01:24 +02:00 |
|
Swissky
|
f88da43e1c
|
SQL informationschema.processlist + UPNP warning + getcap -ep
|
2019-05-25 18:19:08 +02:00 |
|
Swissky
|
b1a05d1aab
|
Create License
Fix issue #69
|
2019-05-25 16:27:35 +02:00 |
|
Swissky
|
72c96ade44
|
Merge pull request #70 from AlexisVLRT/master
Some link's markdown was broken
|
2019-05-24 17:37:39 +02:00 |
|
Alexis VIALARET
|
506014dd5f
|
Some link's markdown was broken
|
2019-05-24 17:15:33 +02:00 |
|
Swissky
|
9c2e63818f
|
XSS without parenthesis, semi-colon + Lontara
|
2019-05-15 21:55:17 +02:00 |
|
Swissky
|
cc8c7b3e70
|
Fix YOUTUBE and BOOKS links
|
2019-05-12 22:59:22 +02:00 |
|
Swissky
|
698cc52eaa
|
README rewrite : BOOKS and YOUTUBE
|
2019-05-12 22:43:42 +02:00 |
|
Swissky
|
b81df17589
|
RFI - Windows SMB allow_url_include = "Off"
|
2019-05-12 22:23:55 +02:00 |
|
Swissky
|
bab04f8587
|
Masscan + AD password in description + ZSH revshell bugfix + Mimikatz lsass.dmp
|
2019-05-12 21:34:09 +02:00 |
|
Swissky
|
765c615efe
|
XSS injection Summary + MSF web delivery
|
2019-05-12 14:22:48 +02:00 |
|
Swissky
|
6bc297252a
|
Merge pull request #67 from roman-mueller/master
Remove http:// prefix for DNS queries
|
2019-05-08 01:27:16 +02:00 |
|
Roman Mueller
|
403cb4ef65
|
Remove http:// prefix for DNS queries
|
2019-05-07 18:14:49 +02:00 |
|
Swissky
|
2b3f07236b
|
XSLT in SAML
|
2019-04-28 13:06:59 +02:00 |
|