Jaimin Gohel
|
3b4218e2a6
|
Added CTF writeup in reference section
Added below URL:
https://medium.com/@jaimin_gohel/ctf-writeup-php-object-injection-in-kaspersky-ctf-28a68805610d
|
2019-03-20 12:19:25 +05:30 |
|
Swissky
|
06ec486aa5
|
Merge pull request #52 from tkmikan/master
Fix changed urls
|
2019-03-19 23:57:31 +01:00 |
|
tkmk
|
0913e8c3bd
|
Fix changed urls
|
2019-03-19 20:18:06 +08:00 |
|
Swissky
|
2d4b98b9c2
|
Merge pull request #50 from clem9669/patch-1
MarkDown typo
|
2019-03-19 08:37:13 +01:00 |
|
clem9669
|
8ed6cdb9ae
|
MarkDown typo
|
2019-03-18 23:06:22 +00:00 |
|
Swissky
|
e9489f0768
|
Linux Priv Esc - minor update
|
2019-03-18 23:19:36 +01:00 |
|
Swissky
|
e5090f2797
|
Bazaar - version control system
|
2019-03-15 23:27:14 +01:00 |
|
Swissky
|
47490c1624
|
Merge pull request #49 from BitTheByte/master
Fixed a typing mistake
|
2019-03-15 16:07:18 +01:00 |
|
Ahmed Ezzat
|
87b2ae3ef1
|
Fixed a typing mistake
|
2019-03-15 16:09:58 +02:00 |
|
Swissky
|
9d1ebbacdb
|
JSON Web Token - jwt_tool example
|
2019-03-10 13:33:50 +01:00 |
|
Swissky
|
ec61e99334
|
Linux - PrivEsc typo
|
2019-03-08 20:09:01 +01:00 |
|
Swissky
|
b22fd26800
|
Linux PrivEsc - LXD Group
|
2019-03-07 15:27:54 +01:00 |
|
Swissky
|
68df152fd3
|
Linux PrivEsc - Wildcard/NFS/Sudo
|
2019-03-07 15:09:06 +01:00 |
|
Swissky
|
404afd1d71
|
Fix name's capitalization
|
2019-03-07 00:07:55 +01:00 |
|
Swissky
|
21d1fe7eee
|
Fix name - Part 1
|
2019-03-07 00:07:14 +01:00 |
|
Swissky
|
ee334f981e
|
Web socket + title capitalization
|
2019-03-07 00:03:25 +01:00 |
|
Swissky
|
ef65f36902
|
Merge pull request #48 from dee-see/patch-1
Fix anchors in README.md
|
2019-03-06 16:16:08 +01:00 |
|
Dominic
|
c0b4381c13
|
Fix anchors in README.md
|
2019-03-06 09:22:05 -05:00 |
|
Swissky
|
f67be6ef0b
|
Merge pull request #47 from naliferopoulos/master
Added GraphQL injection notes
|
2019-03-06 13:53:13 +01:00 |
|
Nick Aliferopoulos
|
007a1eda83
|
Added GraphQL injection notes
|
2019-03-06 14:18:54 +02:00 |
|
Swissky
|
450de2c90f
|
Typo fix
|
2019-03-04 19:40:34 +01:00 |
|
Swissky
|
e36b15a6d7
|
Windows PrivEsc - Table of content update
|
2019-03-03 20:05:27 +01:00 |
|
Swissky
|
ecadcf3d0f
|
Windows PrivEsc - Full rewrite
|
2019-03-03 20:01:25 +01:00 |
|
Swissky
|
2d5b4f2193
|
Meterpreter generate + LaTeK XSS + Ruby Yaml
|
2019-03-03 16:31:17 +01:00 |
|
Swissky
|
6d2cd684fa
|
Web cache deception resources update
|
2019-03-01 17:49:19 +01:00 |
|
Swissky
|
70225232c9
|
Polyglot Command Injection + XSS HTML file
|
2019-02-28 00:36:53 +01:00 |
|
Swissky
|
a58a8113d1
|
Linux capabilities - setuid + read / Docker group privesc
|
2019-02-26 17:24:10 +01:00 |
|
Swissky
|
abb81aba7e
|
Merge pull request #46 from 0xInfection/patch-2
Added a new bypass variant + fixed a payload
|
2019-02-20 08:14:27 +01:00 |
|
Infected Drake
|
4187f87d0d
|
Added a new bypass variant + fixed a payload
|
2019-02-20 11:17:49 +05:30 |
|
Swissky
|
79f2c52ef5
|
EICAR file
|
2019-02-19 21:06:23 +01:00 |
|
Swissky
|
c14fe62d0a
|
Merge pull request #43 from cclauss/print-function
Use print() function in both Python 2 and Python 3
|
2019-02-19 21:01:14 +01:00 |
|
Swissky
|
a4e695a92e
|
Merge pull request #44 from annnoo/patch-1
Fixed Hack The Box-Link
|
2019-02-18 13:47:12 +01:00 |
|
Anno
|
119c4f4712
|
Fixed Hack The Box-Link
Fixed Hack The Box-Link
|
2019-02-18 13:08:45 +01:00 |
|
cclauss
|
a3ee78fb80
|
Use print() function in both Python 2 and Python 3
|
2019-02-17 23:47:18 +01:00 |
|
Swissky
|
4e17443d62
|
SQL injection - MySQL version for error based
|
2019-02-17 22:56:09 +01:00 |
|
Swissky
|
40f86d39b0
|
MYSQL - Extract data without columns name
|
2019-02-17 21:51:21 +01:00 |
|
Swissky
|
78c882fb34
|
Jenkins Grrovy + MSSQL UNC + PostgreSQL list files
|
2019-02-17 20:02:16 +01:00 |
|
swisskyrepo
|
eac421432a
|
File upload - merging old files
|
2019-02-15 16:00:50 +01:00 |
|
swisskyrepo
|
88d5af0b19
|
JWT - Payload detail
|
2019-02-11 14:04:38 +01:00 |
|
Swissky
|
bb0177916d
|
Merge pull request #40 from Bo0oM/patch-1
Fix fake xss
|
2019-02-11 10:05:31 +01:00 |
|
Anton Lopanitsyn
|
200a2d38d8
|
Fix fake xss
Actually, is not XSS.
Running scripts like <a href="data:text/html,<script>alert(location.origin)</script>">clickme</a> have location.origin "null".
|
2019-02-11 09:34:13 +03:00 |
|
Swissky
|
f2273f5cce
|
PrivExchange attack
|
2019-02-10 19:51:54 +01:00 |
|
Swissky
|
8c1c35789d
|
SQLmap tamper update
|
2019-02-10 19:07:27 +01:00 |
|
Swissky
|
1c37517bf3
|
.git/index file parsing + fix CSRF payload typo
|
2019-02-07 23:33:47 +01:00 |
|
Swissky
|
8ff2aa8aff
|
Merge pull request #39 from n3v4/master
Update exif_imagetype bypass
|
2019-02-07 14:01:43 +01:00 |
|
Vladislav Nechakhin
|
90db8b0f11
|
Update exif_imagetype bypass
|
2019-02-07 14:59:22 +07:00 |
|
Vladislav Nechakhin
|
7877647db1
|
Update exif_imagetype bypass
|
2019-02-07 14:51:03 +07:00 |
|
Swissky
|
357f8a69a8
|
Merge pull request #38 from n3v4/master
Add exif_imagetype bypass
|
2019-02-02 11:36:22 +01:00 |
|
Vladislav Nechakhin
|
b30ac4e5bb
|
Add exif_imagetype bypass
|
2019-02-02 17:29:04 +07:00 |
|
Swissky
|
ffde81e2c0
|
Merge pull request #37 from marcan2020/patch-1
Update MSSQL Command execution
|
2019-01-29 23:14:09 +01:00 |
|