Meatballs1
|
1e4e04831b
|
Create httpd.conf
|
2018-12-13 23:56:10 +00:00 |
|
Swissky
|
68325c8b98
|
Insecure deserialization Python
|
2018-11-27 23:04:17 +01:00 |
|
Swissky
|
c8d7575ba3
|
Minor edit in deserialization PHP and type juggling
|
2018-11-26 23:35:43 +01:00 |
|
Swissky
|
521d61d956
|
Attacks details + Summary JWT + XXE adjustments
|
2018-11-26 00:25:06 +01:00 |
|
Swissky
|
928a454531
|
Blind XSS endpoint + SSRF Google + Nmap subdomains
|
2018-11-25 15:44:17 +01:00 |
|
Swissky
|
b34cff5a74
|
XXE in docx, pptx, .. : Open XML files
|
2018-11-24 15:50:43 +01:00 |
|
Swissky
|
1225a9a23d
|
Metasploit Cheatsheet
|
2018-11-24 15:32:44 +01:00 |
|
Swissky
|
565b40d177
|
reGeorg + Meterpreter socks + S3 trick name
|
2018-11-24 13:49:08 +01:00 |
|
Swissky
|
0309a2efbd
|
Merge pull request #30 from m-veljkovic/master
Update README.md
|
2018-11-19 14:01:44 +01:00 |
|
Milan Veljkovic
|
59d0020c86
|
Update README.md
|
2018-11-19 12:45:01 +01:00 |
|
Swissky
|
a0f8e846fa
|
Blind XSS - XSS Hunter, Sleepy Puppy etc
|
2018-11-18 15:37:01 +01:00 |
|
Swissky
|
fd99da6c06
|
Insecure source code - harvesting secrets
|
2018-11-18 14:12:05 +01:00 |
|
Swissky
|
5c1d025b03
|
README - CVE update
|
2018-11-18 13:40:47 +01:00 |
|
Swissky
|
7096b813ec
|
Insecure direct object references - IDOR
|
2018-11-17 17:08:46 +01:00 |
|
Swissky
|
182db99e13
|
Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings
|
2018-11-17 14:41:40 +01:00 |
|
Swissky
|
3522d9a674
|
Files JPEG -> JPG + Tag v2
|
2018-11-17 14:40:12 +01:00 |
|
Swissky
|
133518a78b
|
Merge pull request #28 from om3rcitak/patch-1
add new attack patterns from Daniel miessler
|
2018-11-16 13:49:35 +01:00 |
|
omer citak
|
081df9b24d
|
add new attack patterns from Daniel miessler
https://github.com/danielmiessler/SecLists/edit/master/Fuzzing/Polyglots/XSS-Polyglots.txt
new attack patterns: line 1, 2, 3.
|
2018-11-16 14:45:51 +03:00 |
|
Swissky
|
af9abc6592
|
More CVE - RCE : Jenkins, JBoss, WebLogic, WebSphere
|
2018-11-15 23:13:08 +01:00 |
|
Swissky
|
15fe34052b
|
Ruby Deserialization
|
2018-11-13 23:38:40 +01:00 |
|
Swissky
|
d181ff4e79
|
Deserialization - merging Java, PHP
|
2018-11-13 23:25:18 +01:00 |
|
Swissky
|
ddfdc51e68
|
Credit fix - WAF bypass
|
2018-11-09 12:43:30 +01:00 |
|
Swissky
|
1b2ee3e67a
|
Subdomain enumeration - New Aquatone (Go)
|
2018-11-05 13:45:52 +01:00 |
|
Swissky
|
6bcb43e39c
|
LDAP fix typo + LDAP attributes + LFI filter chaining
|
2018-11-02 13:50:56 +01:00 |
|
Swissky
|
86db6b7f6f
|
Polyglot XSS from @filedescriptor's Polyglot Challenge
|
2018-10-31 23:41:11 +01:00 |
|
Swissky
|
4b7fe437a5
|
LDAP userPassword attribute
|
2018-10-31 22:34:10 +01:00 |
|
Swissky
|
add00c7357
|
JWT JSON Web Token + SSI files
|
2018-10-29 22:22:10 +01:00 |
|
Swissky
|
7b919e4492
|
AWS cp files and grant access with ACL
|
2018-10-20 17:03:13 +02:00 |
|
Swissky
|
f1eefd2722
|
Script Docker RCE
|
2018-10-18 17:32:01 +02:00 |
|
Swissky
|
f8019e2234
|
Merge pull request #27 from timwis/patch-1
Remove gender-specific pronoun for attacker
|
2018-10-11 09:09:42 +02:00 |
|
Tim Wisniewski
|
4f6841ed17
|
Remove gender-specific pronoun for attacker
Wouldn't want anyone to think they can't grow up to be an attacker too! :)
|
2018-10-10 23:54:18 -04:00 |
|
Swissky
|
ea1c3a7ccb
|
Merge pull request #26 from Techbrunch/patch-1
Add Rancher Metadata Service
|
2018-10-08 23:02:35 +02:00 |
|
Techbrunch
|
78103d13a1
|
Add Rancher Metadata Service
|
2018-10-08 21:46:57 +02:00 |
|
Swissky
|
35d4139373
|
WebCache param miner file + Reverse shell Python TTY
|
2018-10-08 13:49:50 +02:00 |
|
Swissky
|
869b29195b
|
SQLmap --crawl, --form
|
2018-10-04 19:59:11 +02:00 |
|
Swissky
|
f0a8b6f8b8
|
Koadic cheatsheet renamed to "Windows - Post Exploitation"
|
2018-10-04 17:39:55 +02:00 |
|
Swissky
|
9ebf2057c5
|
Koadic Cheatsheet + Linux persistence in startup .desktop file
|
2018-10-04 17:35:57 +02:00 |
|
Swissky
|
747f1d172c
|
Reverse shell python for Windows + Lua + Awk
|
2018-10-02 17:17:03 +02:00 |
|
Swissky
|
824d8c370b
|
Bugfix README + Can I take over xyz
|
2018-10-02 16:57:01 +02:00 |
|
Swissky
|
1c5f8889bd
|
Network Discovery and Subdomains enumerations
|
2018-10-02 16:17:16 +02:00 |
|
Swissky
|
b315252c89
|
LFI - Intruder files (Windows,Linux,Logs...)
|
2018-10-01 17:11:51 +02:00 |
|
Swissky
|
a3975ab261
|
SQLmap TOR + Cookie + Proxy
|
2018-10-01 16:03:07 +02:00 |
|
Swissky
|
7b49f1b13a
|
PHP Serialization - phpggc
|
2018-10-01 12:30:14 +02:00 |
|
Swissky
|
6ca5ff1703
|
PHP Serialization Auth Bypass - Merge pull request #25 from noraj/patch-2
add auth bypass
|
2018-09-26 18:04:08 +02:00 |
|
Alexandre ZANNI
|
3cf806c8ff
|
2nd unserialize payload
|
2018-09-26 00:13:19 +02:00 |
|
Alexandre ZANNI
|
d49e40b1b2
|
add auth bypass
|
2018-09-25 23:59:29 +02:00 |
|
Swissky
|
1a1a48c725
|
Web Cache Deception details from SI9INT's blogpost
|
2018-09-23 20:07:19 +02:00 |
|
Swissky
|
8bef006d7f
|
MSSQL Comments - Merge pull request #24 from Margular/patch-1
add comments
|
2018-09-22 23:12:23 +02:00 |
|
时雨
|
20c1e5c075
|
add comments
|
2018-09-23 02:30:03 +08:00 |
|
Swissky
|
cce0444245
|
SQL injection - Intruders payloads
|
2018-09-21 18:44:32 +02:00 |
|