Mirrors/PayloadsAllTheThings
2
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-11-13 00:17:17 +00:00
Code Issues Projects Releases Packages Wiki Activity
1911 commits 2 branches 5 tags 55 MiB
Commit graph

1911 commits

This branch
This branch
All branches
Author SHA1 Message Date
idealphase
33d9e24bed
Update Ruby.md 
Change from the invalid 404 URL to the valid one. (https://pentesterlab.com/exercises/ruby_ugadget/course)
 2024-05-05 16:16:36 +07:00
Swissky
53d9014b2b Regular Expression ReDoS 2024-04-25 17:37:16 +02:00
Swissky
43a8c6a037 Adding socials buttons 2024-04-24 22:02:04 +02:00
Swissky
b245d3cbdd Mkdocs accessibility and search improvement 2024-04-15 21:20:02 +02:00
Swissky
293723d49d
Merge pull request #712 from bsysop/patch-4 
Adding "Hetzner Cloud" to the Summary
 2024-04-05 18:55:52 +02:00
bsysop
dc461f170e
Adding "Hetzner Cloud" to the Summary 2024-04-05 11:55:54 -03:00
Swissky
9571306b9f
Merge pull request #711 from bsysop/patch-3 
Adding Hetzner Cloud Metadata URL
 2024-04-05 15:53:05 +02:00
bsysop
3c9fdec3da
Adding Hetzner Cloud Metadata URL 
https://docs.hetzner.cloud/#server-metadata
 2024-04-04 23:43:34 -03:00
Swissky
80dda8beeb
Merge pull request #710 from mohnad-0b/patch-1 
Update SQLite Injection.md
 2024-04-03 18:15:31 +02:00
Swissky
8ef458db2a
Merge pull request #708 from xplo1t-sec/master 
bypass techniques added
 2024-04-03 18:15:03 +02:00
mohnad banat
d834abe43c
Update SQLite Injection.md 
Since sqlite version 3.33.0, sqlite_schema has been replaced by sqlite_master.
 2024-04-01 20:46:09 +03:00
Swissky
b19dc0626a CICD - Mkdocs fixed the fonts problem 2024-03-31 16:03:48 +02:00
Swissky
55afcb12fb Removing social plugins from Mkdocs 2024-03-30 13:20:56 +01:00
Swissky
9cabd995fb
Merge pull request #709 from mpgn/master 
switch to nxc as cme is archived
 2024-03-29 22:36:26 +01:00
mpgn
0d98284034 switch to nxc as cme is archived 2024-03-29 21:22:18 +00:00
xplo1t-sec
033982dc30 bypass techniques added 2024-03-09 21:46:33 +05:30
Swissky
dd2b68b70e PHP Deserialization + API keys table typo 2024-02-18 15:29:21 +01:00
Swissky
97cfeee270 Tools Update 2024-01-21 21:39:23 +01:00
Swissky
12c6531ad2 README - Update links to Internal All The Things 2024-01-12 16:18:36 +01:00
Swissky
c852118ec8 Web Cache Deception + phpt file format 2024-01-11 12:20:25 +01:00
Swissky
4b77292aeb
Merge pull request #704 from therealtoastycat/patch-1 
Adding reverse shell payload for OGNL
 2024-01-05 15:45:19 +01:00
ToastyCat
05f441accf
Update Reverse Shell Cheatsheet.md 
adding details
 2024-01-05 10:25:39 +01:00
Swissky
c6f96f7b2a
Merge pull request #703 from Aftab700/JSON-Prototype-Pollution 
adding the payload for Polluting the prototype via the `constructor`  property in JSON input
 2024-01-05 10:24:16 +01:00
Swissky
f96c1e4356
Merge pull request #701 from Vunnm/patch-1 
specify condition to perform Angular JS Injection
 2024-01-05 10:23:50 +01:00
ToastyCat
3d9363fdc9
Adding reverse shell payload for OGNL 2024-01-05 09:50:43 +01:00
Aftab Sama
08063f0830
adding the payload for Polluting the prototype via the constructor property in JSON input 
Somtimes `__proto__` property may not work, so adding the payload for Polluting the prototype via the `constructor` property in JSON input
 2024-01-03 17:24:28 +05:30
Vunnm
27d19813f8
specify condition to perform Angular JS Injection 
Indicate that ng-app in a root element is needed to inject Angular JS template. Injecting below payload without a root element with ng-app will not result in a successful injection
 2023-12-28 13:30:49 +01:00
Swissky
cbc6e78d2a SOCIAL - site url 2023-12-25 22:11:52 +01:00
Swissky
845fa52f8b SOCIAL - Cards 2023-12-24 14:05:50 +01:00
Swissky
5c42373a25 PHP filter prefix and suffix 2023-12-21 20:12:04 +01:00
Swissky
9fc0acc7e0
Merge pull request #700 from mschader/fix/ad-smbmap-fix-1 
Update Active Directory Attack.md
 2023-12-14 14:44:28 +01:00
Swissky
c579e6d043 Argument Injection 2023-12-14 14:38:39 +01:00
Markus
838d7c8c65
Update Active Directory Attack.md 
Change recursive parameter for smbmap as listed in the documentation
 2023-12-14 11:56:04 +01:00
Swissky
b07c5df892 CSS - Update style color + Blind SQL Oracle 2023-12-10 13:27:21 +01:00
Swissky
4a66a4ed25 CSS - Update style for Chrome 2023-12-04 10:46:10 +01:00
Swissky
1c42bfe5ca
Merge pull request #698 from m10x/master 
Added TInjA and the Template Injection Table
 2023-12-03 18:56:44 +01:00
Maximilian Hildebrand
db1357bb3c
Added TInjA and the Template Injection Table 
Both are novel tools to help Pentesters / Bug bounty hunters to detect template injections
 2023-12-03 13:15:47 +01:00
Swissky
57703ed7ed plocate and Azure AD updates 2023-12-01 22:21:05 +01:00
Swissky
bb71d4ad14
Merge pull request #696 from jenaye/PrintSpoofer 
[Add] - Priv esc windows (PrintSpoofer)
 2023-11-17 12:11:48 +01:00
enaylal
4684fed4aa add priv esc windows 2023-11-16 23:37:12 +01:00
Swissky
d93a228b40
Merge pull request #692 from jlkl/master 
Add two methods about LFI to RCE via PHP PEARCMD
 2023-11-12 18:21:16 +01:00
Swissky
3ba405954a
Merge pull request #693 from bountyhacking/patch-1 
Update README.md
 2023-11-12 18:20:38 +01:00
Swissky
711b44c6b0
Merge pull request #695 from hebelsan/patch-1 
latex injection add blacklist bypass
 2023-11-12 13:15:46 +01:00
Alexander Hebel
ae3f91c88a
latex injection add blacklist bypass 2023-11-12 11:13:41 +01:00
Swissky
d80068cc1b Privileged File Delete 2023-11-04 15:52:29 +01:00
Thomas Emerson Glucklich
49bc19e992
Update README.md 2023-11-01 11:32:31 -04:00
Swissky
46208ca898 Prompt Injection - RCE payloads 2023-11-01 13:56:38 +01:00
Swissky
ed081d7f29 Vulnerability Reports 2023-10-31 17:45:24 +01:00
Str3am
95a85b455d
Add two methods about LFI to RCE via PHP PEARCMD, and delete extra double quotes in method 2 payload 2023-11-01 00:35:59 +08:00
Str3am
072cac04d6
Add two methods about LFI to RCE via PHP PEARCMD 2023-11-01 00:26:27 +08:00