Mirrors/PayloadsAllTheThings
2
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-11-10 07:04:22 +00:00
Code Issues Projects Releases Packages Wiki Activity
1750 commits 2 branches 5 tags 52 MiB
Commit graph

65 commits

Author SHA1 Message Date
azurit
226569b753
Update README.md 2023-05-21 14:54:42 +02:00
Swissky
514ac98dac SSRF + XSS details + XXE BOM 2022-12-13 22:29:20 +01:00
Fabian S. Varon Valencia
3822c27634 update old url's 2022-10-26 20:36:15 -05:00
Deep Dhakate
a670a26eea Update 2022-10-02 06:13:01 +00:00
Swissky
fb7f10eab8
Merge pull request #485 from ajdumanhug/master 
SSRF: Don't encode entire IP
 2022-09-06 23:15:20 +02:00
Swissky
8d609b1460
Update README.md 2022-09-06 23:15:12 +02:00
Swissky
84fa229a44
Merge pull request #463 from nismo-s13/master 
Delete Parser & Curl < 7.54.png
 2022-09-06 23:13:55 +02:00
Tasos T
023a3c38e3 Added information on 307 and 308 redirects 2022-05-19 12:55:11 +03:00
Swissky
b0d05faded TruffleHog examples + Cortex XDR disable 2022-04-14 09:42:15 +02:00
Aj Dumanhug
3c441669d8
Update README.md 2022-03-13 01:30:37 +08:00
nismo-s13
35e64b2275
Delete Parser & Curl < 7.54.png 2021-11-24 17:47:39 +13:00
Swissky
21b3a0630f
Update README.md 2021-11-09 13:57:09 +01:00
Techbrunch
a614525b70
Replace xip.io by nip.io 
xip.io appears to be dead
 2021-11-09 11:15:44 +01:00
Philippe Arteau
17e2833f1d Rename file with less than symbol. 2021-10-29 12:26:45 -04:00
Swissky
c957271453
SSRF PDF PhantomJS 2021-09-08 12:49:32 +02:00
clem9669
f4053576f4
Update SSRF 
Adding octal techniques for SSRF. 

DEFCON video: https://www.youtube.com/watch?v=_o1RPJAe4kU
 2021-08-06 15:55:55 +00:00
Aj Dumanhug
78e8bcf136
Add AWS SSRF Bypasses 2021-06-16 23:42:50 +08:00
Swissky
bd2166027e GMSA Password + Dart Reverse Shell 2021-03-24 12:44:35 +01:00
Swissky
8d31b7240b Office Attacks 2021-02-21 20:17:57 +01:00
PwnL0rd
bde7fc738c
added link in the reference section 2020-11-08 12:00:35 +05:30
security-is-myth
f3066722ee update SSRF/README.md with java payloads 2020-11-07 22:07:18 +05:30
security-is-myth
08bc3acb05 update SSRF/README.md with java payloads 2020-11-07 22:03:02 +05:30
Robbie
e8fccb6dd2
Update README.md 
added 169.254.169.254 decimal
 2020-10-31 20:19:27 +00:00
Alex Lauerman
d5c1f39c0f
Added DNS Rebinding 2020-06-21 16:31:16 -05:00
Alex Lauerman
c39c904c9a
Moved bypasses under the bypasses section 2020-06-21 16:27:32 -05:00
Alex Lauerman
6d37ad9e2e
Improved Clarity of ssrf redirect 2020-06-21 16:19:15 -05:00
Swissky
ecf29c2cbe Active Directory - Mitigations 2020-06-18 11:55:48 +02:00
bsysop
24981f945f
metadata.nicob.net not long resolve to metadata IP 
```
$ dig +short metadata.nicob.net
...
```

Not resolving
 2020-06-14 12:08:25 -03:00
Swissky
71ddb449ce Windows Persistence 2020-06-01 21:37:32 +02:00
Swissky
4ca5e71c2f Bind shell cheatsheet (Fix #194) 2020-05-24 14:09:46 +02:00
John
a5d220d599 Added SSRF bypass details 2020-05-13 12:19:36 -04:00
Swissky
89f906f7a8 Fix issue - C reverse shell 2020-04-21 11:17:39 +02:00
Techbrunch
3abf2aff2a
Update AWS SSRF tips 
Added http://instance-data
 2020-03-11 15:20:51 +01:00
Swissky
71171fa78b SSRF exploiting WSGI 2020-01-05 22:11:28 +01:00
mikesiegel
e024afc9f7 Added anti-SSRF header bypass for GCP. 2019-12-31 15:11:58 +00:00
mikesiegel
7aa2761e3e Added anti-SSRF header bypass for GCP. Similar technique works on Azure and AWS I'm guessing. 2019-12-31 15:07:20 +00:00
Alexandre ZANNI
54c94e0398
add ref for docker SSRF 2019-11-03 23:50:58 +01:00
Alexandre ZANNI
c6b5bbab2b
fix TOC links 2019-10-22 20:26:04 +02:00
Swissky
7159a3ded3 RODC dcsync note + Dumping AD Domain summary 2019-10-18 00:07:09 +02:00
Swissky
8eae039a28 netdoc:// wrapper for Java SSRF 2019-10-17 21:13:04 +02:00
Swissky
05b3e13098 SSRF for ECS 2019-10-12 13:30:52 +02:00
Swissky
357658371f SSRF URL for Google Cloud 2019-10-06 20:59:58 +02:00
Swissky
5455c30ec7 Juicy Potato + XXE update 2019-09-08 19:44:51 +02:00
Swissky
b6697d8595 SSRF SVG + Windows Token getsystem 2019-08-15 18:21:06 +02:00
Swissky
05054af343 JWT RS256 to HS256 using pubkey to generate a signature 2019-07-10 20:58:50 +02:00
Swissky
144b3827ab MS14-068 + /etc/security/opasswd 2019-06-29 17:55:13 +02:00
Swissky
9be62677b6 Add root user + PHP null byte version 2019-06-24 00:21:39 +02:00
Swissky
9c2e63818f XSS without parenthesis, semi-colon + Lontara 2019-05-15 21:55:17 +02:00
Swissky
bab04f8587 Masscan + AD password in description + ZSH revshell bugfix + Mimikatz lsass.dmp 2019-05-12 21:34:09 +02:00
Swissky
5bb27ee889 SSRF Google Cloud - add ssh key 2019-04-22 11:35:07 +02:00