Mirrors/PayloadsAllTheThings
2
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-11-10 15:14:34 +00:00
Code Issues Projects Releases Packages Wiki Activity
713 commits 2 branches 5 tags 53 MiB
Commit graph

713 commits

This branch
This branch
All branches
Author SHA1 Message Date
Swissky
5c7e67b05d
Merge pull request #197 from guanicoe/patch-2 
Update Windows - Privilege Escalation.md
 2020-05-03 23:17:05 +02:00
guanicoe
1fc8b57c85
Update Windows - Privilege Escalation.md 
added Get-Process to list processes
 2020-05-03 21:11:01 +00:00
Swissky
5163ef902c XSS Google Scholar Payload + Skeleton Key Persistence 2020-05-03 16:28:17 +02:00
Swissky
e9b296adb3 DoyenSec Payloads XSS Google Scholar 2020-05-02 14:31:33 +02:00
Swissky
da5dc1299e MSSQL Trusted Link 2020-05-01 12:06:18 +02:00
Swissky
008cbcf9fc
Merge pull request #196 from idealphase/master 
Adding Execute code using SSTI for ERB engine in SSTI vulnerability payload
 2020-04-30 12:30:40 +02:00
idealphase
712e3b93f6
Sorting like basic injection part 2020-04-30 17:15:31 +07:00
idealphase
7f1fb32980
Adding Execute code using SSTI for ERB engine. 2020-04-30 17:13:58 +07:00
Swissky
04899355ad Magic Hashes + SQL fuzz 2020-04-26 21:43:42 +02:00
Swissky
879ead1558
Merge pull request #193 from pascalschulz/patch-1 
added Hacksplained's YT channel
 2020-04-23 13:27:27 +02:00
Pascal Schulz
bdf06d4183
added Hacksplained's YT channel 2020-04-23 13:11:51 +02:00
Swissky
02ec624732
Merge pull request #192 from thibaudrobin/master 
Linux privesc - SSH Key Predictable PRNG (Authorized_Keys) Process
 2020-04-22 16:11:41 +02:00
Th1b4ud
7c8e9ac4ce Typo 2020-04-22 16:01:49 +02:00
Th1b4ud
14d03b96a1 Linux privesc - SSH Key Predictable PRNG (Authorized_Keys) Process - Summary 2020-04-22 16:00:31 +02:00
Th1b4ud
2e507a2b2f Linux privesc - SSH Key Predictable PRNG (Authorized_Keys) Process 2020-04-22 15:55:10 +02:00
Swissky
298da2d4e4
Merge pull request #191 from drakang4/patch-1 
Fix typo
 2020-04-22 09:59:31 +02:00
Heeryong Kang
c2b8018617
fix typo 2020-04-22 16:09:18 +09:00
Swissky
bf73393921
Merge pull request #188 from bohdansec/master 
Update Cloudflare XSS bypasses
 2020-04-21 23:57:06 +02:00
bohdansec
c4af354d8f
Update Cloudflare XSS bypasses 
Add 3 bypasses by Bohdan Korzhynskyi. Update twitter
 2020-04-22 00:51:36 +03:00
bohdansec
2615968e96
Merge pull request #1 from swisskyrepo/master 
Update
 2020-04-22 00:12:54 +03:00
Swissky
735b0d2277
Merge pull request #187 from thibaudrobin/patch-2 
Alternative TTY method with /usr/bin/script
 2020-04-21 23:12:26 +02:00
Th1b4ud
2740600a6b
Alternative TTY method with /usr/bin/script 2020-04-21 19:21:51 +02:00
Swissky
eaac0e748e Fix issue #185 2020-04-21 11:31:18 +02:00
Swissky
c8c4a6e8a9 Fix issue #185 2020-04-21 11:26:49 +02:00
Swissky
89f906f7a8 Fix issue - C reverse shell 2020-04-21 11:17:39 +02:00
Swissky
95fed140ec Fix - SSTI Payloads 2020-04-21 11:13:19 +02:00
Swissky
0de5cb7123
Merge pull request #186 from Techbrunch/patch-6 
Add insomnia to GraphQL list of tools
 2020-04-21 10:56:59 +02:00
Techbrunch
ade039c1bc
Add insomnia to GraphQL list of tools 2020-04-21 10:49:47 +02:00
Swissky
1d8414c703 ASP.NET Razor SSTI 2020-04-18 21:18:22 +02:00
Swissky
af6760ef7a RoadRecon + JSON None refs 2020-04-17 16:34:51 +02:00
Swissky
44e676ea70
Merge pull request #182 from thibaudrobin/patch-1 
Add others shell on reverse shell cheatsheet
 2020-04-13 19:42:58 +02:00
Swissky
a19fd013fb
Merge pull request #181 from SecGus/master 
Added RCE SSTI Jinja2 Bypass payload developed by SecGus (chivato)
 2020-04-13 19:42:14 +02:00
chiv
7e7f5e7628 Added SSTI RCE bypass payload for Jinja2 2020-04-13 18:48:43 +01:00
chiv
cc3b05017d Added a new RCE payload to Jinja2 SSTI bypasses 2020-04-13 18:44:16 +01:00
Th1b4ud
29194a8ef1
Add others shell on reverse shell cheatsheet 
Add others shell on reverse shell cheatsheet
 2020-04-13 19:06:01 +02:00
Swissky
bc8dd0b784
Merge pull request #180 from mindfuckup/master 
Added: Other CORS Misconfigurations
 2020-04-12 17:51:52 +02:00
Emanuel Duss
54e3887077 Added PortSwigger Web Security Academy CORS Link 2020-04-12 15:12:34 +02:00
Emanuel Duss
3e5b367224 Added CORS Exploit when wildcard origin is allowed 2020-04-12 15:06:28 +02:00
Emanuel Duss
f120024c6b Added CORS exploitation with strict trusted origin whitelist using XSS 2020-04-12 14:57:04 +02:00
Emanuel Duss
48fcdeb7ca Some clarification in the exploit code 2020-04-12 14:38:52 +02:00
Emanuel Duss
4537555714 Added: CORS Misconfiguration with Null Origin allowed 2020-04-12 14:30:16 +02:00
Swissky
dd42b44011
Merge pull request #179 from mindfuckup/master 
Added: Cross-Site WebSocket Hijacking (CSWSH)
 2020-04-11 18:26:22 +02:00
Emanuel Duss
930a3a0d8c Added: Cross-Site WebSocket Hijacking (CSWSH) 2020-04-11 16:24:32 +02:00
Swissky
89e49b676d
Merge pull request #178 from Techbrunch/patch-4 
Create web.web.config
 2020-04-08 19:26:31 +02:00
Techbrunch
5902da38e4
Create web.web.config 
Source: https://gist.github.com/gazcbm/ea7206fbbad83f62080e0bbbeda77d9c
 2020-04-08 19:14:30 +02:00
Swissky
cea982c062 GraphQL Voyager - Represent any GraphQL API as an interactive graph 2020-04-04 22:33:28 +02:00
Swissky
6e7af5a267 Docker Registry - Pull/Download 2020-04-04 18:27:41 +02:00
Swissky
f748af16d2
Merge pull request #176 from Anon-Exploiter/patch-1 
Using JWT's module to encode payload with type `None`
 2020-04-04 14:49:37 +02:00
Syed Umar Arfeen
c9fcb58d57
Using JWT's module to encode payload with type None 
Before the JWT was being encoded/decoded and that was done manually. The JWT's module does all that without manual decoding and splitting. 

This PR contains the code to encode the JWT token with type None while using JWT's library in python.
 2020-04-04 16:03:56 +05:00
Swissky
78bd0867fe
Merge pull request #175 from 3rg1s/master 
Update SQLite Injection.md
 2020-04-04 02:22:44 +02:00