Mirrors/PayloadsAllTheThings

mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-11-10 15:14:34 +00:00

Author	SHA1	Message	Date
Alex Lauerman	d5c1f39c0f	Added DNS Rebinding	2020-06-21 16:31:16 -05:00
Alex Lauerman	c39c904c9a	Moved bypasses under the bypasses section	2020-06-21 16:27:32 -05:00
Alex Lauerman	6d37ad9e2e	Improved Clarity of ssrf redirect	2020-06-21 16:19:15 -05:00
Swissky	ecf29c2cbe	Active Directory - Mitigations	2020-06-18 11:55:48 +02:00
bsysop	24981f945f	metadata.nicob.net not long resolve to metadata IP ``` $ dig +short metadata.nicob.net ... ``` Not resolving	2020-06-14 12:08:25 -03:00
Swissky	71ddb449ce	Windows Persistence	2020-06-01 21:37:32 +02:00
Swissky	4ca5e71c2f	Bind shell cheatsheet (Fix #194 )	2020-05-24 14:09:46 +02:00
John	a5d220d599	Added SSRF bypass details	2020-05-13 12:19:36 -04:00
Swissky	89f906f7a8	Fix issue - C reverse shell	2020-04-21 11:17:39 +02:00
Techbrunch	3abf2aff2a	Update AWS SSRF tips Added http://instance-data	2020-03-11 15:20:51 +01:00
Swissky	71171fa78b	SSRF exploiting WSGI	2020-01-05 22:11:28 +01:00
mikesiegel	e024afc9f7	Added anti-SSRF header bypass for GCP.	2019-12-31 15:11:58 +00:00
mikesiegel	7aa2761e3e	Added anti-SSRF header bypass for GCP. Similar technique works on Azure and AWS I'm guessing.	2019-12-31 15:07:20 +00:00
Alexandre ZANNI	54c94e0398	add ref for docker SSRF	2019-11-03 23:50:58 +01:00
Alexandre ZANNI	c6b5bbab2b	fix TOC links	2019-10-22 20:26:04 +02:00
Swissky	7159a3ded3	RODC dcsync note + Dumping AD Domain summary	2019-10-18 00:07:09 +02:00
Swissky	8eae039a28	netdoc:// wrapper for Java SSRF	2019-10-17 21:13:04 +02:00
Swissky	05b3e13098	SSRF for ECS	2019-10-12 13:30:52 +02:00
Swissky	357658371f	SSRF URL for Google Cloud	2019-10-06 20:59:58 +02:00
Swissky	5455c30ec7	Juicy Potato + XXE update	2019-09-08 19:44:51 +02:00
Swissky	b6697d8595	SSRF SVG + Windows Token getsystem	2019-08-15 18:21:06 +02:00
Swissky	05054af343	JWT RS256 to HS256 using pubkey to generate a signature	2019-07-10 20:58:50 +02:00
Swissky	144b3827ab	MS14-068 + /etc/security/opasswd	2019-06-29 17:55:13 +02:00
Swissky	9be62677b6	Add root user + PHP null byte version	2019-06-24 00:21:39 +02:00
Swissky	9c2e63818f	XSS without parenthesis, semi-colon + Lontara	2019-05-15 21:55:17 +02:00
Swissky	bab04f8587	Masscan + AD password in description + ZSH revshell bugfix + Mimikatz lsass.dmp	2019-05-12 21:34:09 +02:00
Swissky	5bb27ee889	SSRF Google Cloud - add ssh key	2019-04-22 11:35:07 +02:00
Swissky	4d3ee90eec	Command injection rewritten	2019-04-21 19:50:50 +02:00
Swissky	81f93a19c2	SSRF AWS Elastic Beanstak	2019-04-21 18:51:32 +02:00
Swissky	49b9d0aff7	MSQL UDF sys_exec + SSRF IP: 127.1 and 127.0.1	2019-04-20 20:23:40 +02:00
Swissky	b8e74fe0ba	Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings	2019-04-14 19:48:36 +02:00
Swissky	c66197903f	MYSQL Truncation attack + Windows search where	2019-04-14 19:46:34 +02:00
PwnFunction	4c6f9e21e9	Bypass using IPv6/IPv4 Address Embedding	2019-04-13 17:06:06 +05:30
Swissky	546ecd0e36	Linux Privesc - /etc/passwd writable	2019-04-07 23:40:36 +02:00
tkmk	0913e8c3bd	Fix changed urls	2019-03-19 20:18:06 +08:00
Swissky	404afd1d71	Fix name's capitalization	2019-03-07 00:07:55 +01:00
Swissky	21d1fe7eee	Fix name - Part 1	2019-03-07 00:07:14 +01:00
Dominic	c0b4381c13	Fix anchors in README.md	2019-03-06 09:22:05 -05:00
Swissky	450de2c90f	Typo fix	2019-03-04 19:40:34 +01:00
cclauss	a3ee78fb80	Use print() function in both Python 2 and Python 3	2019-02-17 23:47:18 +01:00
Swissky	8c1c35789d	SQLmap tamper update	2019-02-10 19:07:27 +01:00
Swissky	20bf52eb6a	Bugfix 3 - removing the "-" in SSRF	2019-01-28 20:35:28 +01:00

42 commits