Mirrors/PayloadsAllTheThings
2
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-12-13 23:02:46 +00:00
Code Issues Projects Releases Packages Wiki Activity
651 commits 2 branches 6 tags 66 MiB
Commit graph

651 commits

This branch
This branch
All branches
Author SHA1 Message Date
Swissky
173366dc65
Merge pull request #167 from PixeLInc/patch-1 
Remove example from win priv esc
 2020-03-23 23:27:10 +01:00
PixeL
1b190939c4
Remove example from win priv esc 
This example was used on hackthebox where it leaked the root flag of a machine on free servers.
This resulted in every user being able to get the root flag before they have even completed the box which isn't fair to others.

This example should either be changed or removed completely to combat copy-pasting without knowing what you're doing.
 2020-03-23 17:17:42 -05:00
Swissky
6c38274bdb
Merge pull request #166 from fanixk/patch-1 
Update Windows - Privilege Escalation.md
 2020-03-22 21:56:05 +01:00
Fanis Katsimpas
2bdbb2dbc5
Update Windows - Privilege Escalation.md 
Make powershell on EoP - Runas easier to copy paste
 2020-03-22 19:25:35 +00:00
Swissky
4303caa08c README - Summary update 2020-03-19 12:03:32 +01:00
Swissky
1538ccd7f2 Gaining AWS Console Access via API Keys 2020-03-19 11:59:49 +01:00
Swissky
57b500b48e
Merge pull request #165 from HLOverflow/master 
More Bash tricks to bypass Command Injection filtering
 2020-03-14 18:45:55 +01:00
HLOverflow
97dffcdc40
Update README.md 2020-03-15 01:11:47 +08:00
HLOverflow
3e184c10f9
Added additional character filter bypasses 2020-03-15 01:09:28 +08:00
Swissky
70182d32c9
Merge pull request #164 from Techbrunch/patch-3 
Update AWS SSRF tips
 2020-03-11 16:33:27 +01:00
Techbrunch
3abf2aff2a
Update AWS SSRF tips 
Added http://instance-data
 2020-03-11 15:20:51 +01:00
Swissky
c20f84d09c
Merge pull request #163 from SecGus/master 
Improvement to the SSTI RCE
 2020-03-09 20:06:32 +01:00
chiv
fe4bdb0df4 Improvement to the SSTI RCE 2020-03-09 18:19:33 +00:00
Swissky
1f3a94ba88 AWS SSM + Shadow copy attack 2020-03-06 15:30:38 +01:00
Swissky
5d87804f71 AWS EC2 Instance Connect + Lambda + SSM 2020-03-06 13:33:14 +01:00
Swissky
9207e0204c
Merge pull request #162 from SecGus/master 
Blind SQL Injection payloads missing from the website.
 2020-03-02 15:22:44 +01:00
chivato
29fac06023 From https://twitter.com/secgus 
MySQL Blind Queries and Data Exfiltration via the ORDER BY clause.
 2020-03-01 21:15:19 +00:00
Swissky
c19e36ad34 Azure AD Connect - MSOL Account's password and DCSync 2020-03-01 17:06:31 +01:00
Swissky
71a307a86b AWS - EC2 copy image 2020-02-29 12:56:00 +01:00
Swissky
74f2dfccca Kerberos Constrained Delegation 2020-02-23 21:20:46 +01:00
Swissky
c5ac4e9eff AWS Patterns 2020-02-23 20:58:53 +01:00
Swissky
0b14b12fb4
Merge pull request #159 from noraj/patch-1 
LDAPi: add scripts and dorks
 2020-02-22 01:17:03 +01:00
Alexandre ZANNI
3fad2f364c
add ruby script 2020-02-21 23:49:50 +01:00
Alexandre ZANNI
f28f83bda6
LDAPi: add scripts and dorks 2020-02-21 23:19:48 +01:00
Swissky
915946a343 Fix Cloud Training 2020-02-21 10:50:43 +01:00
Swissky
bda7100a77 Fix Cloud references 2020-02-21 10:47:16 +01:00
Swissky
984078050b Cloud - Pentest with AWS and Azure 2020-02-21 10:36:01 +01:00
Swissky
7f0650dfc0 IIS Raid Persistence 2020-02-20 16:51:22 +01:00
Swissky
73aa26ba68
Merge pull request #158 from 0xdf0xdf/master 
Adding second method of chaining PHP filters
 2020-02-20 13:07:39 +01:00
0xdf
9d06e1297f added additional way to chain php filters 2020-02-20 06:40:30 -05:00
0xdf
7d650e9622 fixed error in chaining php filters in File Inclusion page, added an additional example 2020-02-20 06:30:28 -05:00
Swissky
c2292145c8
Merge pull request #157 from Stoo0rmq/patch-1 
Update File Inclusion
 2020-02-18 12:38:43 +01:00
Borja
7be86354b2
Update File Inclusion 
Added another path
 2020-02-18 11:35:22 +00:00
Swissky
ba30618a8b Cobalt Strike - Artifact 2020-02-14 17:10:00 +01:00
Swissky
7cd49769be WMI + Cobalt Strike 2020-02-13 22:53:45 +01:00
Swissky
b76a23c77f
Merge pull request #156 from bhattsameer/patch-1 
Added more TTY Shell using perl and python
 2020-02-09 12:15:00 +01:00
Sameer Bhatt (debugger)
994e557178
Added more TTY Shell using perl and python 2020-02-09 12:46:18 +05:30
Swissky
aba6874517 Maps API + secretsdump enabled user/pw last set + certutil mimikatz 2020-02-06 21:41:29 +01:00
Swissky
9c4578f083
Merge pull request #155 from socketz/master 
Updated Java & Groovy Shells
 2020-02-06 16:42:35 +01:00
socketz
056161fd9f
Updated Java & Groovy Shells 
Added threaded shells and alternative pure Java reverse shell
 2020-02-06 15:43:58 +01:00
Swissky
37cfa0826e
Merge pull request #154 from antonioCoco/patch-1 
Added fully interactive reverse shell for windows
 2020-02-06 00:36:25 +01:00
antonioCoco
50a376337d
Update Reverse Shell Cheatsheet.md 2020-02-05 23:29:43 +01:00
Swissky
fb76fdc331 Windows Firewall + DLL hijacking + Named pipes 2020-02-01 22:12:36 +01:00
Swissky
8a19532f27
Merge pull request #152 from mcgyver5/master 
Add Exploit for Telerik CVE-2017-9428
 2020-01-29 00:06:57 +01:00
mcgyver5
667ae82aff fixing typo in file name 2020-01-28 17:41:01 +00:00
mcgyver5
bef710fccd add Telerik CVE attacks Telerik UI for ASP.NET ajax dialog handler 2020-01-28 17:33:30 +00:00
Tim
7d41cd750d
Merge pull request #1 from swisskyrepo/master 
Merge pull request #151 from mcgyver5/master
 2020-01-28 12:26:20 -05:00
Swissky
3840683bed
Merge pull request #151 from mcgyver5/master 
add Telerik CVE-2019-18935
 2020-01-27 20:13:28 +01:00
mcgyver5
44c68ca4e9 add Telerik CVE-2019-18935 2020-01-27 15:57:10 +00:00
Swissky
323a012488 Race Condition - First Draft 2020-01-26 12:43:59 +01:00