Mirrors/PayloadsAllTheThings

mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-12-13 14:52:53 +00:00

Author	SHA1	Message	Date
Fabian S. Varon Valencia	5cdc02282c	update 10 password reset flaws URL	2022-10-08 23:30:31 -05:00
Fabian S. Varon Valencia	d214af633c	remove post exploitation koadic link (not found)	2022-10-08 22:53:55 -05:00
Fabian S. Varon Valencia	ea86f20472	Add AMSI Bypass and DPAPI links	2022-10-08 22:53:35 -05:00
Swissky	c06dfbec95	Merge pull request #560 from clem9669/master Update XSS_Polyglots.txt	2022-10-07 00:14:29 +02:00
Swissky	347381d6dc	Merge pull request #565 from gdraperi/master Argument Injection technique	2022-10-06 17:55:58 +02:00
Swissky	ba9eb30940	Fix links	2022-10-06 17:55:16 +02:00
gregory draperi	69c6ee87c6	Argument Injection technique	2022-10-06 16:56:44 +02:00
Swissky	655cec1f1a	Merge pull request #562 from nayeems3c/master Added 2FA bypass via Force Browsing on Account Takeover branch	2022-10-05 18:46:52 +02:00
Swissky	2c10b28976	Merge pull request #561 from gdraperi/patch-2 Update YAML.md	2022-10-05 14:55:34 +02:00
gdraperi	666a90ffee	Update YAML.md Updating the actual risks for Python	2022-10-05 13:47:24 +02:00
Nayeem Islam	7e82d93897	Added 2FA bypass via Force Browsing on Account Takeover branch	2022-10-05 17:42:01 +06:00
clem9669	2aa353a5b9	Update XSS_Polyglots.txt Adding the latest BruteLogic polyglot	2022-10-05 09:45:15 +00:00
Swissky	a766679356	Merge pull request #559 from gdraperi/patch-1 Update README.md	2022-10-05 10:20:58 +02:00
Swissky	643374e1d7	Add reference	2022-10-05 10:20:05 +02:00
gdraperi	2d03a74555	Update README.md Adding payloads for Citrix and Cisco	2022-10-05 10:06:21 +02:00
Swissky	44d761eb2c	Merge pull request #558 from CyberVarun/master Added portswigger labs and reference in Command injection	2022-10-05 09:58:40 +02:00
Varun Jagtap	3022c25995	Added portswigger labs and reference	2022-10-05 12:50:10 +05:30
Swissky	c420ed6bf7	Merge pull request #553 from ndsvw/Linkfix Fixed invalid hyperlink	2022-10-04 11:08:59 +02:00
Swissky	a1c783d8d2	Merge pull request #555 from mschader/patch-8 CVE Exploit: Add trickest CVE repo	2022-10-04 09:42:05 +02:00
Swissky	a5c91d8ed3	Merge pull request #556 from mschader/patch-9 Zip Slip: Add slipit to tools	2022-10-04 09:40:51 +02:00
Swissky	77b0599653	Merge pull request #554 from qligier/master XXE: Improve the documentation	2022-10-03 18:44:54 +02:00
Markus	950114b9e6	Zip Slip: Add slipit to tools	2022-10-03 18:19:28 +02:00
Markus	f8d04cef3b	CVE Exploit: Add trickest CVE repo	2022-10-03 17:51:39 +02:00
Quentin Ligier	6bbdc85aa2	XXE: Improve the documentation - Add two references: "OWASP XXE prevention cheat sheet" and "XXE: How to become a Jedi" - Describe the Parameters Laugh attack - Expand the WAF bypass method with UTF-7 - Update the summary	2022-10-03 17:14:22 +02:00
Alexander Lübeck	576322d475	Fixed invalid hyperlink	2022-10-02 15:58:16 +02:00
Swissky	bbe4bbce05	Merge pull request #552 from swisskyrepo/hacktober-methodo-rework Methodology and enumeration rework	2022-10-02 13:14:35 +02:00
Swissky	99a1304af9	Methodology and enumeration rework	2022-10-02 13:13:16 +02:00
Swissky	3f1689b9bc	Merge pull request #551 from swisskyrepo/hacktober-blind-ssti Blind SSTI Jinja	2022-10-02 12:27:07 +02:00
Swissky	4ed3e3b6b9	Blind SSTI Jinja	2022-10-02 12:24:39 +02:00
Swissky	444d8ad169	Merge pull request #549 from InTruder-Sec/master Added PortSwigger Labs to the repo	2022-10-02 12:16:08 +02:00
Swissky	6b9f6de7dd	Merge pull request #548 from mschader/patch-7 Java RMI: Add remote-method-guesser to tools	2022-10-02 12:14:51 +02:00
Deep Dhakate	a670a26eea	Update	2022-10-02 06:13:01 +00:00
Markus	bd6a1b759a	Java RMI: Add remote-method-guesser to tools This also includes slight adjustments to the README.md to adhere to the current contribution example layout	2022-10-01 22:04:49 +02:00
Deep Dhakate	9f0c70d46f	update	2022-10-01 19:56:49 +00:00
Swissky	9d1421a6c3	Merge pull request #547 from mschader/patch-6 Api Key Leaks: Add Trivy to tools section	2022-10-01 19:01:47 +02:00
Markus	b7d275d5b0	Api Key Leaks: Add Trivy to tools section	2022-10-01 17:20:51 +02:00
Swissky	72a8556dc9	NodeJS Serialization	2022-09-23 11:21:29 +02:00
Swissky	7a528ccb3f	Merge pull request #545 from noraj/patch-1 Blind NoSQL scripts	2022-09-23 00:38:05 +02:00
Alexandre ZANNI	7e2fa15462	Blind NoSQL scripts - add missing menu item - use better string interpolation for python script - add ruby script	2022-09-23 00:36:41 +02:00
Swissky	2d30e22121	DPAPI - Data Protection API	2022-09-23 00:35:34 +02:00
Swissky	6b76c452a7	Merge pull request #544 from Processus-Thief/master update hekatomb to install with pip	2022-09-22 16:12:23 +02:00
Processus Thief	8d564ff78b	update hekatomb to install with pip hekatomb is now available on pypi to simplify its installation	2022-09-22 16:10:20 +02:00
Swissky	097756da1c	Merge pull request #543 from noraj/patch-1 add 3 template engines + add lang in menu	2022-09-21 11:42:32 +02:00
Alexandre ZANNI	3e68276fb7	add 3 template engines + add lang in menu	2022-09-21 11:28:57 +02:00
Swissky	c3421582bc	Merge pull request #542 from Processus-Thief/master Adding Hekatomb.py to DPAPI credentials stealing	2022-09-20 22:31:07 +02:00
Processus Thief	885f8bdb8f	Adding Hekatomb.py to DPAPI credentials stealing Hekatomb is a python script that connects to LDAP directory to retrieve all computers and users informations. Then it will download all DPAPI blob of all users from all computers. Finally, it will extract domain controller private key through RPC uses it to decrypt all credentials. More infos here : https://github.com/Processus-Thief/HEKATOMB	2022-09-20 16:56:07 +02:00
Swissky	267713c0fb	YAML Deserialization	2022-09-16 16:37:40 +02:00
Swissky	e677f07197	Merge pull request #539 from dhmosfunk/master add a new tool for manually http request smuggling exploitation	2022-09-16 08:53:00 +02:00
Dhmos Funk	b4e7add674	add simple http smuggler generator for easiest manually exploitation	2022-09-16 02:30:57 +03:00
Dhmos Funk	d5aed653e8	Update README.md	2022-09-14 18:05:31 +03:00

1 2 3 4 5 ...

1546 commits