Swissky
|
6b1c98010d
|
Merge pull request #10 from melvinsh/master
Add CSRF to OAuth2
|
2017-10-16 09:55:31 +02:00 |
|
Melvin Lammerts
|
59971e95d2
|
Add CSRF to OAuth2
Not sure if it qualifies as a _payload_ but I'll let you be the judge of that :)
|
2017-10-16 08:41:43 +02:00 |
|
Swissky
|
d16aec6f6a
|
Tomcat CVE-2017-12617
|
2017-10-10 10:19:14 +02:00 |
|
Swissky
|
a2d5fe5cad
|
Upload .htaccess to PHP code exec
|
2017-10-09 23:17:31 +02:00 |
|
Swissky
|
6ad7965efc
|
SSRF AWS + Shell.php{3,4,5,7}
|
2017-09-27 14:37:07 +02:00 |
|
Swissky
|
87ef554e40
|
LFI to RCE via input:// stream
|
2017-09-24 00:37:56 +02:00 |
|
Swissky
|
3e6043be32
|
LFI - PHPSessid technique, more bypass and files
|
2017-09-24 00:32:55 +02:00 |
|
Swissky
|
278a130940
|
Command Exec - ``, $() and more bypasses
|
2017-09-23 23:30:40 +02:00 |
|
Swissky
|
e7cb8a2ce1
|
SSRF - Gopher Protocol
|
2017-09-19 20:35:18 +02:00 |
|
Swissky
|
1ca215d5d7
|
Multiple update - LFI/RCE via phpinfo, Struts2 v2
|
2017-09-13 23:55:29 +02:00 |
|
Swissky
|
c36d31ec5d
|
LFI via /proc/*/fd + upload
|
2017-08-15 02:37:09 +02:00 |
|
Swissky
|
901d279fb3
|
RCE no {}, no space
|
2017-08-13 16:35:12 +02:00 |
|
Swissky
|
9adb81e6d8
|
SSRF URL Scheme + XXE Soap
|
2017-08-07 21:42:14 +02:00 |
|
Swissky
|
91e3c6906c
|
Merge pull request #7 from rakeshmane/master
Update README.md
|
2017-08-07 19:29:35 +02:00 |
|
Rakesh Mane
|
6e42b617cc
|
Update README.md
|
2017-08-07 21:22:36 +05:30 |
|
Swissky
|
dad26ce5e5
|
More Burp Intruder file - SQLi + Path traversal + XSS
|
2017-08-06 01:12:41 +02:00 |
|
Swissky
|
694b980817
|
Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings
|
2017-08-03 21:36:38 +02:00 |
|
Swissky
|
635b9f87f7
|
Reverse Shell Cheatsheet
|
2017-08-03 21:35:43 +02:00 |
|
Swissky
|
9c9e1cc082
|
Merge pull request #6 from unl1k3ly/patch-1
Update README.md
|
2017-08-01 11:43:11 +02:00 |
|
unl1k3ly
|
be624c99ca
|
Update README.md
check bucket disk size
|
2017-08-01 08:37:04 +10:00 |
|
Swissky
|
af48fc1ed4
|
More intruders folder - for BurpSuite
|
2017-07-30 13:42:32 +02:00 |
|
Swissky
|
8a3693855f
|
XSS Intruder + Eicar + SSRF http://0
|
2017-07-30 13:17:00 +02:00 |
|
Swissky
|
064467ecfc
|
SSTI + XSS Flash
|
2017-07-16 16:30:08 +02:00 |
|
Swissky
|
77e2fc8226
|
LDAP & XPATH injection + Small fixes and payloads
|
2017-07-14 23:40:31 +02:00 |
|
Swissky
|
9907a55c24
|
Image Magick - More payloads
|
2017-07-09 17:16:42 +02:00 |
|
Swissky
|
c4b49fa5ac
|
Open Redirect Payloads updated
|
2017-07-06 21:02:19 +02:00 |
|
Swissky
|
6070ece522
|
Symbolic Link Zip + SQL injection ORDER BY
|
2017-07-04 23:17:59 +02:00 |
|
Swissky
|
a1fbd41bbb
|
Wrapper PHP inclusion updated
|
2017-07-02 23:10:34 +02:00 |
|
Swissky
|
ab63a537e7
|
FFMpeg injection - Bypass and explanation
|
2017-06-28 22:45:36 +02:00 |
|
Swissky
|
240e46e1e1
|
XXE via DTD and PHP Filter
|
2017-06-28 21:43:30 +02:00 |
|
Swissky
|
43f8367df0
|
Update Image Tragick payloads
|
2017-06-28 11:23:16 +02:00 |
|
Swissky
|
220e9cb8bd
|
FFMpeg HLS - read passwd/shadow
|
2017-06-26 21:32:10 +02:00 |
|
Swissky
|
d97cb891df
|
AWS Bucket : Listings open bucket/reading and access
|
2017-06-18 18:42:12 +02:00 |
|
Swissky
|
f131aebce4
|
SSRF updates and methodology aquatone tool
|
2017-06-17 23:20:24 +02:00 |
|
Swissky
|
7c865ab8aa
|
CVE Struts RCE + AWS ls + RCE spaceless Windows + Methodology updated
|
2017-06-05 14:57:28 +02:00 |
|
Swissky
|
2e75cbe25a
|
Git insecure files renamed + svn method added
|
2017-06-04 17:58:09 +02:00 |
|
Swissky
|
94470a2544
|
More payloads for XSS/SQL/LFI/Upload and XXE
|
2017-06-04 17:22:26 +02:00 |
|
Swissky
|
58aed12c9d
|
CRLF injection updated
|
2017-05-29 20:41:05 +02:00 |
|
Swissky
|
e89e4fd312
|
Methodology updated with RPCClient, User enumeration
|
2017-05-17 20:40:45 +02:00 |
|
Swissky
|
62f686dc1f
|
Methodology updated - Dorks, Subdomains, Nmap
|
2017-05-01 22:40:36 +02:00 |
|
Swissky
|
00be7d958c
|
README : Bug bounty added
|
2017-04-25 23:22:55 +02:00 |
|
Swissky
|
85b62cee39
|
README update : more books and tools
|
2017-04-08 15:59:40 +02:00 |
|
Swissky
|
d21dcdd463
|
Merge pull request #3 from sokaRepo/master
Add Jinja Template injections
|
2017-04-01 17:57:12 +02:00 |
|
Soka
|
bb98bd9339
|
Add Template injections + Jinja template injection
|
2017-04-01 18:53:43 +03:00 |
|
Soka
|
76b15d575e
|
Add Template injections + Jinja template injection
|
2017-04-01 18:48:44 +03:00 |
|
Swissky
|
b57c7c9e3d
|
README - Youtube references
|
2017-03-30 20:24:48 +02:00 |
|
Swissky
|
9211d40871
|
Methodology - The Harvester + Checklist v2
|
2017-03-30 20:20:52 +02:00 |
|
Swissky
|
7e739b02ad
|
Methodology - The Harvester + Checklist
|
2017-03-26 20:51:40 +02:00 |
|
Swissky
|
3d917be066
|
Methodology - Burp config + Nikto
|
2017-03-26 20:40:32 +02:00 |
|
Swissky
|
af01b04a30
|
Methodology update - design + nmap
|
2017-03-26 18:00:23 +02:00 |
|