Mirrors/PayloadsAllTheThings
2
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-11-10 15:14:34 +00:00
Code Issues Projects Releases Packages Wiki Activity
487 commits 2 branches 5 tags 53 MiB
Commit graph

487 commits

This branch
This branch
All branches
Author SHA1 Message Date
nizam0906
bb2c247160
Added List Database Administrator Accounts 
SELECT datname FROM pg_database
 2019-10-29 10:32:39 +05:30
nizam0906
ab341cff38
Updated Blind XSS endpoint 
* User Agent
* Comment Box
 2019-10-28 16:51:36 +05:30
nizam0906
3dcd4425a8
Added more PostgreSQL Injection Queries 
* PostgreSQL version
* PostgreSQL Current User
* PostgreSQL List Users
* PostgreSQL List Password Hashes
* PostgreSQL List Privileges
* PostgreSQL database name
* PostgreSQL List databases
* PostgreSQL List tables
* PostgreSQL List columns
* PostgreSQL Stacked query
 2019-10-28 16:26:49 +05:30
nizam0906
f35ace93cf
Update PostgreSQL Injection.md 
Updated PostgreSQL Error Based injections
 2019-10-26 18:07:14 +05:30
nizam0906
aef5bb864a
Update jsonp_endpoint.txt 
Added 3 yahoo jsonp endpoints
* https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?cb=alert(1337)
* https://mempf.yahoo.co.jp/offer?position=h&callback=alert(1337)
* https://suggest-shop.yahooapis.jp/Shopping/Suggest/V1/suggester?callback=alert(1)//&appid=dj0zaiZpPVkwMDJ1RHlqOEdwdCZzPWNvbnN1bWVyc2VjcmV0Jng9M2Y-
 2019-10-25 22:27:16 +05:30
nizam0906
5b59da70f7
Update MySQL Injection.md 
Added 6 MYSQL DIOS
* Zen
* Zen WAF
* ~tr0jAn WAF
* ~tr0jAn Benchmark
* N1Z4M
* sharik
 2019-10-25 18:11:11 +05:30
Swissky
88f020381d Out of band XPATH 2019-10-22 23:06:35 +02:00
Swissky
3464611c00
Merge pull request #107 from noraj/patch-1 
fix TOC links
 2019-10-22 21:41:28 +02:00
Alexandre ZANNI
c6b5bbab2b
fix TOC links 2019-10-22 20:26:04 +02:00
Swissky
727eb5cabd Drop the MIC 2019-10-21 23:00:27 +02:00
Swissky
11fc6e4bc5 NTLM relay + MS08-068 2019-10-20 22:09:36 +02:00
Swissky
ed252df92e krb5.keytab + credential use summary 2019-10-20 13:25:06 +02:00
Swissky
7159a3ded3 RODC dcsync note + Dumping AD Domain summary 2019-10-18 00:07:09 +02:00
Swissky
8eae039a28 netdoc:// wrapper for Java SSRF 2019-10-17 21:13:04 +02:00
Swissky
67a68d7eac
Merge pull request #105 from Zeecka/patch-3 
Add filter iconv utf16 LFI bypass tricks
 2019-10-17 19:39:00 +02:00
Alex Zeecka
83caef8ee1
Add filter iconv utf16 LFI bypass tricks 2019-10-17 17:40:59 +02:00
Swissky
b22742ba9e
Merge pull request #103 from Ali-Yazdani/patch-1 
Update readme.md
 2019-10-16 23:35:04 +02:00
Ali Yazdani
52d02cea63
Update readme.md 
Add some related security tools.
 2019-10-16 14:45:42 +02:00
Swissky
6a81a130cc
Merge pull request #102 from op01/master 
Update Silver Ticket
 2019-10-15 19:17:03 +02:00
OOP
f0af3b4f4d
Update Active Directory Attack.md 2019-10-15 23:18:07 +07:00
Swissky
05b3e13098 SSRF for ECS 2019-10-12 13:30:52 +02:00
Swissky
57628ffd18
Merge pull request #101 from Ali-Yazdani/patch-1 
Add Kubernetes file
 2019-10-11 14:36:54 +02:00
Ali Yazdani
03d02ccdd6
Create readme.md 
Adding Kubernetes file
 2019-10-11 12:56:22 +02:00
Swissky
320a9fad31
Merge pull request #100 from noraj/patch-1 
little changes
 2019-10-09 20:49:20 +02:00
Alexandre ZANNI
9f463d156b
little changes 
- fix exploits ToC anchor
- add nosqlilab
 2019-10-09 16:53:34 +02:00
Swissky
357658371f SSRF URL for Google Cloud 2019-10-06 20:59:58 +02:00
Swissky
8b0bd4d655
Merge pull request #99 from marcan2020/patch-4 
Add  Angular Automatic Sanitization
 2019-10-03 16:14:06 +02:00
Swissky
54d6161c9d
Merge pull request #98 from marcan2020/patch-3 
Add .NET references
 2019-10-03 16:13:25 +02:00
Swissky
cb9b7a1304
Merge pull request #97 from marcan2020/patch-2 
Fix dead youtube link
 2019-10-03 16:13:00 +02:00
marcan2020
920da73bd7
Add Angular automatic sanitization 2019-10-02 21:24:53 -04:00
marcan2020
4f38666c35
Add .NET references 2019-10-02 20:23:37 -04:00
marcan2020
e180d1f7e6
Fix dead youtube link 2019-10-02 20:09:41 -04:00
Swissky
e1e5397d4c
Merge pull request #96 from h3xstream/master 
Add local DTD section to the XXE Injection page
 2019-10-02 20:41:37 +02:00
Philippe Arteau
f2beb0dbbc
Add local DTD section to the XXE Injection page 2019-10-01 18:22:42 -04:00
Swissky
6a11a6c670
Merge pull request #94 from Luci-d/patch-1 
Add Spyse to network discovery
 2019-09-30 14:08:00 +02:00
Mark
3fb2a9006f
Add Spyse to network discovery 
1. spyse itself 
2. python wrapper - using only a part of the available functionality of spyse, but will be updated very soon.
 2019-09-30 15:26:26 +04:00
Swissky
3221197b1e RCE vBulletin + findomain 2019-09-26 20:41:01 +02:00
Swissky
9a02958b51 API Key Leaks - Twitter/Twilio/Gitlab 2019-09-22 17:06:44 +02:00
Swissky
8061cdd856
Merge pull request #92 from Techbrunch/patch-2 
Add XXE payload inside SVG
 2019-09-18 08:12:37 +02:00
Techbrunch
8822199f65
Add XXE payload inside SVG 
Source: https://portswigger.net/web-security/xxe/lab-xxe-via-file-upload
 2019-09-17 16:23:14 +02:00
Swissky
a0917241ad Pebble - Server Side Template Injection 2019-09-17 15:43:13 +02:00
Swissky
e6f94af721
Update FUNDING.yml with buymeacoffee 2019-09-13 17:49:47 +02:00
Swissky
742e3204d3 SharpPersist - Windows Persistence 2019-09-13 17:38:23 +02:00
Swissky
5455c30ec7 Juicy Potato + XXE update 2019-09-08 19:44:51 +02:00
Swissky
2b1900e046 PrivEsc - sudoers + Upload PHP 2019-09-02 12:36:40 +02:00
Swissky
3ca07aeb7a Docker Privesc - Unix socket 2019-08-30 17:25:07 +02:00
Swissky
2a4c4f46b2
Merge pull request #88 from ricardojba/patch-1 
Add Host/Split Unicode Normalization
 2019-08-30 10:03:46 +02:00
Ricardo
0625e2aebf
Add Host/Split Unicode Normalization 
Add Host/Split Exploitable Antipatterns in Unicode Normalization BH 2019 for filter bypass
 2019-08-30 08:57:22 +01:00
Swissky
c6824e7aa9
Merge pull request #86 from JLLeitschuh/patch-1 
Add XSS dot filter bypass with decimal IP
 2019-08-29 20:12:51 +02:00
Swissky
da3bdc5f61
Merge pull request #87 from noraj/patch-1 
add missing backtick
 2019-08-29 10:31:47 +02:00