Swissky
|
1dae291696
|
IIS MachineKeys + CI/CD + CSPT + ORM leak
|
2024-08-26 11:27:47 +02:00 |
|
R4yan
|
0aac7e8267
|
Update README.md
|
2024-07-28 21:16:30 +02:00 |
|
Xhoenix
|
80707e805b
|
added bypass techniques
|
2024-07-25 11:57:43 +05:30 |
|
Xhoenix
|
1a475b6e1d
|
added bypass techniques
|
2024-07-15 11:58:02 +05:30 |
|
Horlad
|
b521dedb24
|
Adding r3dir tool to SSRF README.md
|
2024-06-27 17:01:41 +02:00 |
|
Horlad
|
4cf17a3fab
|
Update SSRF with redirect examples using r3dir README.md
|
2024-06-27 16:57:45 +02:00 |
|
Alexandre ZANNI
|
8e05a2dd2a
|
XSS in SVG: more examples + nesting
|
2024-06-19 14:54:19 +02:00 |
|
isacaya
|
ca3ab6eb95
|
Add a few XSS filter bypass cases
|
2024-06-19 04:21:24 +09:00 |
|
Swissky
|
314e4da963
|
SSRF DNS AXFR + LFI PHAR payloads + LFI iconv
|
2024-06-16 21:17:42 +02:00 |
|
Swissky
|
7e4a38a1a5
|
Merge pull request #725 from masquerad3r/master
Create port_swigger_xss_cheatsheet_event_handlers.txt
|
2024-06-06 17:52:33 +02:00 |
|
masquerad3r
|
eca067dd7e
|
Create port_swigger_xss_cheatsheet_event_handlers.txt
Updated list of event handlers taken from https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#event-handlers.
Useful when the context of reflection is an HTML attribute and one quickly wants to check which attributes are reflected unfiltered by the target application.
|
2024-06-06 10:46:13 +02:00 |
|
Swissky
|
c34a2bac15
|
WAF bypass moved to a separate page
|
2024-06-03 09:55:29 +02:00 |
|
Swissky
|
2e73069238
|
XSS Tel URI
|
2024-06-03 09:37:24 +02:00 |
|
Swissky
|
6d3fef0df3
|
Merge pull request #723 from cydave/master
Add additional XSS payload in email addresses RFC5322
|
2024-06-02 11:25:45 +02:00 |
|
Swissky
|
cb69cecd11
|
Merge pull request #721 from MarkCyber/master
DBMS Identification Via Error
|
2024-06-02 11:23:13 +02:00 |
|
Swissky
|
25c94f809a
|
Uniqid + reset-tolkien and sandwich attack
|
2024-05-31 16:31:23 +02:00 |
|
dave
|
fcf69f8226
|
Add additional XSS payload in email addresses RFC5322
|
2024-05-31 13:27:32 +02:00 |
|
Swissky
|
b5251a673f
|
XSLT payloads + Headless Browser
|
2024-05-31 00:07:21 +02:00 |
|
Swissky
|
ded1d95735
|
ASP Cookieless + ReDOS backtrack
|
2024-05-29 23:23:51 +02:00 |
|
Swissky
|
67adf75bc2
|
CSP updates + Indirect Prompt Injection
|
2024-05-29 15:32:58 +02:00 |
|
Mark
|
c3af630e1d
|
Update README.md
|
2024-05-26 10:40:54 -04:00 |
|
Mark
|
867f243100
|
Update README.md
|
2024-05-26 10:32:01 -04:00 |
|
Swissky
|
f723bcbf8a
|
Merge pull request #718 from idealphase/master
Update Ruby.md
|
2024-05-05 13:08:50 +02:00 |
|
Swissky
|
670b301b1c
|
Merge pull request #717 from nojanath/master
Fix link to SecLists/content-type.txt
|
2024-05-05 13:07:57 +02:00 |
|
idealphase
|
33d9e24bed
|
Update Ruby.md
Change from the invalid 404 URL to the valid one. (https://pentesterlab.com/exercises/ruby_ugadget/course)
|
2024-05-05 16:16:36 +07:00 |
|
Jonathan Thompson
|
7a68102a3c
|
Fix link to SecLists/content-type.txt
|
2024-05-04 11:12:54 -07:00 |
|
Swissky
|
53d9014b2b
|
Regular Expression ReDoS
|
2024-04-25 17:37:16 +02:00 |
|
Swissky
|
43a8c6a037
|
Adding socials buttons
|
2024-04-24 22:02:04 +02:00 |
|
Swissky
|
b245d3cbdd
|
Mkdocs accessibility and search improvement
|
2024-04-15 21:20:02 +02:00 |
|
Swissky
|
293723d49d
|
Merge pull request #712 from bsysop/patch-4
Adding "Hetzner Cloud" to the Summary
|
2024-04-05 18:55:52 +02:00 |
|
bsysop
|
dc461f170e
|
Adding "Hetzner Cloud" to the Summary
|
2024-04-05 11:55:54 -03:00 |
|
Swissky
|
9571306b9f
|
Merge pull request #711 from bsysop/patch-3
Adding Hetzner Cloud Metadata URL
|
2024-04-05 15:53:05 +02:00 |
|
bsysop
|
3c9fdec3da
|
Adding Hetzner Cloud Metadata URL
https://docs.hetzner.cloud/#server-metadata
|
2024-04-04 23:43:34 -03:00 |
|
Swissky
|
80dda8beeb
|
Merge pull request #710 from mohnad-0b/patch-1
Update SQLite Injection.md
|
2024-04-03 18:15:31 +02:00 |
|
Swissky
|
8ef458db2a
|
Merge pull request #708 from xplo1t-sec/master
bypass techniques added
|
2024-04-03 18:15:03 +02:00 |
|
mohnad banat
|
d834abe43c
|
Update SQLite Injection.md
Since sqlite version 3.33.0, sqlite_schema has been replaced by sqlite_master.
|
2024-04-01 20:46:09 +03:00 |
|
Swissky
|
b19dc0626a
|
CICD - Mkdocs fixed the fonts problem
|
2024-03-31 16:03:48 +02:00 |
|
Swissky
|
55afcb12fb
|
Removing social plugins from Mkdocs
|
2024-03-30 13:20:56 +01:00 |
|
Swissky
|
9cabd995fb
|
Merge pull request #709 from mpgn/master
switch to nxc as cme is archived
|
2024-03-29 22:36:26 +01:00 |
|
mpgn
|
0d98284034
|
switch to nxc as cme is archived
|
2024-03-29 21:22:18 +00:00 |
|
xplo1t-sec
|
033982dc30
|
bypass techniques added
|
2024-03-09 21:46:33 +05:30 |
|
Swissky
|
dd2b68b70e
|
PHP Deserialization + API keys table typo
|
2024-02-18 15:29:21 +01:00 |
|
Swissky
|
97cfeee270
|
Tools Update
|
2024-01-21 21:39:23 +01:00 |
|
Swissky
|
12c6531ad2
|
README - Update links to Internal All The Things
|
2024-01-12 16:18:36 +01:00 |
|
Swissky
|
c852118ec8
|
Web Cache Deception + phpt file format
|
2024-01-11 12:20:25 +01:00 |
|
Swissky
|
4b77292aeb
|
Merge pull request #704 from therealtoastycat/patch-1
Adding reverse shell payload for OGNL
|
2024-01-05 15:45:19 +01:00 |
|
ToastyCat
|
05f441accf
|
Update Reverse Shell Cheatsheet.md
adding details
|
2024-01-05 10:25:39 +01:00 |
|
Swissky
|
c6f96f7b2a
|
Merge pull request #703 from Aftab700/JSON-Prototype-Pollution
adding the payload for Polluting the prototype via the `constructor` property in JSON input
|
2024-01-05 10:24:16 +01:00 |
|
Swissky
|
f96c1e4356
|
Merge pull request #701 from Vunnm/patch-1
specify condition to perform Angular JS Injection
|
2024-01-05 10:23:50 +01:00 |
|
ToastyCat
|
3d9363fdc9
|
Adding reverse shell payload for OGNL
|
2024-01-05 09:50:43 +01:00 |
|