Commit graph

548 commits

Author SHA1 Message Date
nizam0906
bb2c247160
Added List Database Administrator Accounts
SELECT datname FROM pg_database
2019-10-29 10:32:39 +05:30
Alexandre ZANNI
52119907f6
add XXEinjector 2019-10-29 00:41:04 +01:00
Swissky
5094ef8b10 XXE in XLSX 2019-10-28 20:46:19 +01:00
Swissky
534d46d0e4
Merge pull request #113 from Q5Ca/patch-1
Add bypass WAF no equal using BETWEEN
2019-10-28 18:21:26 +01:00
Swissky
be3ef08d19
Merge pull request #112 from nizam0906/master
Added More PostgreSQL Injection Queries And Blind XSS endpoint
2019-10-28 18:20:54 +01:00
duongdpt
135af74acd
Update README.md
Add bypass waf using BETWEEN
2019-10-28 22:26:28 +07:00
nizam0906
ab341cff38
Updated Blind XSS endpoint
* User Agent
* Comment Box
2019-10-28 16:51:36 +05:30
nizam0906
3dcd4425a8
Added more PostgreSQL Injection Queries
* PostgreSQL version
* PostgreSQL Current User
* PostgreSQL List Users
* PostgreSQL List Password Hashes
* PostgreSQL List Privileges
* PostgreSQL database name
* PostgreSQL List databases
* PostgreSQL List tables
* PostgreSQL List columns
* PostgreSQL Stacked query
2019-10-28 16:26:49 +05:30
Swissky
56ec623412
Merge pull request #111 from noraj/patch-1
XPATH: add tools
2019-10-26 21:46:18 +02:00
Swissky
68f1a17b57
Merge pull request #110 from nizam0906/master
Update PostgreSQL Injection.md
2019-10-26 21:44:25 +02:00
Alexandre ZANNI
525429c0d8
XPATH: add tools 2019-10-26 16:43:36 +02:00
nizam0906
f35ace93cf
Update PostgreSQL Injection.md
Updated PostgreSQL Error Based injections
2019-10-26 18:07:14 +05:30
Swissky
882eec0566
Merge pull request #109 from nizam0906/master
Added 3 yahoo jsonp endpoints
2019-10-26 11:39:57 +02:00
nizam0906
aef5bb864a
Update jsonp_endpoint.txt
Added 3 yahoo jsonp endpoints
* https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?cb=alert(1337)
* https://mempf.yahoo.co.jp/offer?position=h&callback=alert(1337)
* https://suggest-shop.yahooapis.jp/Shopping/Suggest/V1/suggester?callback=alert(1)//&appid=dj0zaiZpPVkwMDJ1RHlqOEdwdCZzPWNvbnN1bWVyc2VjcmV0Jng9M2Y-
2019-10-25 22:27:16 +05:30
Swissky
32c18fdf56
Merge pull request #108 from nizam0906/master
Added 6 MYSQL DIOS
2019-10-25 17:04:57 +02:00
nizam0906
5b59da70f7
Update MySQL Injection.md
Added 6 MYSQL DIOS
* Zen
* Zen WAF
* ~tr0jAn WAF
* ~tr0jAn Benchmark
* N1Z4M
* sharik
2019-10-25 18:11:11 +05:30
Swissky
88f020381d Out of band XPATH 2019-10-22 23:06:35 +02:00
Swissky
3464611c00
Merge pull request #107 from noraj/patch-1
fix TOC links
2019-10-22 21:41:28 +02:00
Alexandre ZANNI
c6b5bbab2b
fix TOC links 2019-10-22 20:26:04 +02:00
Swissky
727eb5cabd Drop the MIC 2019-10-21 23:00:27 +02:00
Swissky
11fc6e4bc5 NTLM relay + MS08-068 2019-10-20 22:09:36 +02:00
Hi15358
b54142c3a2
Update Reverse Shell Cheatsheet.md 2019-10-21 02:35:13 +08:00
Swissky
ed252df92e krb5.keytab + credential use summary 2019-10-20 13:25:06 +02:00
Swissky
7159a3ded3 RODC dcsync note + Dumping AD Domain summary 2019-10-18 00:07:09 +02:00
Swissky
8eae039a28 netdoc:// wrapper for Java SSRF 2019-10-17 21:13:04 +02:00
Swissky
67a68d7eac
Merge pull request #105 from Zeecka/patch-3
Add filter iconv utf16 LFI bypass tricks
2019-10-17 19:39:00 +02:00
Alex Zeecka
83caef8ee1
Add filter iconv utf16 LFI bypass tricks 2019-10-17 17:40:59 +02:00
Swissky
b22742ba9e
Merge pull request #103 from Ali-Yazdani/patch-1
Update readme.md
2019-10-16 23:35:04 +02:00
Ali Yazdani
52d02cea63
Update readme.md
Add some related security tools.
2019-10-16 14:45:42 +02:00
Swissky
6a81a130cc
Merge pull request #102 from op01/master
Update Silver Ticket
2019-10-15 19:17:03 +02:00
OOP
f0af3b4f4d
Update Active Directory Attack.md 2019-10-15 23:18:07 +07:00
Swissky
05b3e13098 SSRF for ECS 2019-10-12 13:30:52 +02:00
Swissky
57628ffd18
Merge pull request #101 from Ali-Yazdani/patch-1
Add Kubernetes file
2019-10-11 14:36:54 +02:00
Ali Yazdani
03d02ccdd6
Create readme.md
Adding Kubernetes file
2019-10-11 12:56:22 +02:00
Swissky
320a9fad31
Merge pull request #100 from noraj/patch-1
little changes
2019-10-09 20:49:20 +02:00
Alexandre ZANNI
9f463d156b
little changes
- fix exploits ToC anchor
- add nosqlilab
2019-10-09 16:53:34 +02:00
Swissky
357658371f SSRF URL for Google Cloud 2019-10-06 20:59:58 +02:00
Swissky
8b0bd4d655
Merge pull request #99 from marcan2020/patch-4
Add  Angular Automatic Sanitization
2019-10-03 16:14:06 +02:00
Swissky
54d6161c9d
Merge pull request #98 from marcan2020/patch-3
Add .NET references
2019-10-03 16:13:25 +02:00
Swissky
cb9b7a1304
Merge pull request #97 from marcan2020/patch-2
Fix dead youtube link
2019-10-03 16:13:00 +02:00
marcan2020
920da73bd7
Add Angular automatic sanitization 2019-10-02 21:24:53 -04:00
marcan2020
4f38666c35
Add .NET references 2019-10-02 20:23:37 -04:00
marcan2020
e180d1f7e6
Fix dead youtube link 2019-10-02 20:09:41 -04:00
Swissky
e1e5397d4c
Merge pull request #96 from h3xstream/master
Add local DTD section to the XXE Injection page
2019-10-02 20:41:37 +02:00
Philippe Arteau
f2beb0dbbc
Add local DTD section to the XXE Injection page 2019-10-01 18:22:42 -04:00
Swissky
6a11a6c670
Merge pull request #94 from Luci-d/patch-1
Add Spyse to network discovery
2019-09-30 14:08:00 +02:00
Mark
3fb2a9006f
Add Spyse to network discovery
1. spyse itself 
2. python wrapper - using only a part of the available functionality of spyse, but will be updated very soon.
2019-09-30 15:26:26 +04:00
Swissky
3221197b1e RCE vBulletin + findomain 2019-09-26 20:41:01 +02:00
Swissky
9a02958b51 API Key Leaks - Twitter/Twilio/Gitlab 2019-09-22 17:06:44 +02:00
Swissky
8061cdd856
Merge pull request #92 from Techbrunch/patch-2
Add XXE payload inside SVG
2019-09-18 08:12:37 +02:00