KeoOp
|
598d2ca3fa
|
Update README.md
|
2023-06-07 14:15:07 +08:00 |
|
Swissky
|
b8c803717a
|
WDAC Policy Removal + SSRF domains
|
2023-05-31 14:18:25 +02:00 |
|
azurit
|
226569b753
|
Update README.md
|
2023-05-21 14:54:42 +02:00 |
|
Swissky
|
f85f2cb4c6
|
Merge pull request #644 from rdbo/patch-1
Fixed typos on README.md
|
2023-05-18 13:32:58 +02:00 |
|
Rdbo
|
83b2d80a56
|
fixed typos
|
2023-05-18 01:58:36 +00:00 |
|
Swissky
|
0a07e07d00
|
Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings
|
2023-05-15 19:23:58 +02:00 |
|
Swissky
|
6adfe5d865
|
GraphQL Batching Attacks
|
2023-05-15 19:23:07 +02:00 |
|
Swissky
|
af4ade2a44
|
Merge pull request #643 from p0dalirius/patch-2
SSTI / jinja2 : Removed dot in lipsum.__globals__.["os"]
|
2023-05-09 20:16:05 +02:00 |
|
Rémi GASCOU (Podalirius)
|
b3f98adf0c
|
SSTI / jinja2 : Removed dot in lipsum.__globals__.["os"]
|
2023-05-09 20:15:02 +02:00 |
|
Swissky
|
8d2c30e969
|
Merge pull request #642 from p0dalirius/patch-1
Adding Jinja2 RCE through lipsum in Templates
|
2023-05-09 18:58:57 +02:00 |
|
Rémi GASCOU (Podalirius)
|
9c2b040242
|
Adding Jinja2 RCE through lipsum in Templates
|
2023-05-09 18:34:35 +02:00 |
|
Swissky
|
5af6a23a2e
|
DPAPI LocalMachine + BitLocker
|
2023-05-08 17:08:25 +02:00 |
|
Swissky
|
0dd92aa89d
|
Merge pull request #640 from m3dsec/patch-2
Add Kerberos CVE-2022-33679 (RC4 Is Still Considered Harmful)
|
2023-05-08 16:22:30 +02:00 |
|
m3dsec
|
8156f495fb
|
Add Kerberos CVE-2022-33679 (RC4 Is Still Considered Harmful)
|
2023-04-30 21:45:33 +01:00 |
|
Swissky
|
55df53105e
|
Merge pull request #639 from TomWilford/master
Added Twig 'passthru' filter exploits
|
2023-04-28 16:24:20 +02:00 |
|
Tom Wilford
|
c1dc141e13
|
Added 'passthru' filter exploits
|
2023-04-28 14:47:59 +01:00 |
|
Swissky
|
1e66a42bba
|
Merge pull request #638 from ZkClown/master
Add some stuff on Office exec, Network Recon and Active Directory methodo
|
2023-04-20 21:31:23 +02:00 |
|
ZkClown
|
0f4d747913
|
Add injection into AD through ldap signing not required and ldap channel binding disabled
|
2023-04-20 15:38:26 +02:00 |
|
ZkClown
|
8b543c80aa
|
Add network scan with pure bash
|
2023-04-20 15:21:48 +02:00 |
|
ZkClown
|
2a4ce78080
|
Add Office execute WinAPI via VBA
|
2023-04-20 15:00:33 +02:00 |
|
Swissky
|
b0445a7250
|
Merge pull request #637 from ZkClown/master
Add Powerhsell Reflection through Delegate Type and Basic HTML Smuggling
|
2023-04-19 21:51:04 +02:00 |
|
ZkClown
|
47df1695a1
|
Add Powerhsell Reflection through Delegate Type and Basic HTML Smuggling
|
2023-04-19 17:59:10 +02:00 |
|
Swissky
|
e717839fda
|
Merge pull request #635 from MatteoPaier/fix-param-pollution-golang
Fixed Golang net/http param pollution outcome
|
2023-04-14 17:48:01 +02:00 |
|
Swissky
|
6861c46fcd
|
MySQL MSSQL Oracle SQL Update
|
2023-04-14 17:45:45 +02:00 |
|
Matteo Paier
|
c3f5da6014
|
Fixed Golang net/http param pollution outcome
|
2023-04-14 14:41:35 +02:00 |
|
Swissky
|
25d2be529f
|
BadSecrets Tool
|
2023-04-12 13:12:33 +02:00 |
|
Swissky
|
ff6c22b86e
|
Merge pull request #634 from mpgn/master
Fix path with sessionS with an S for php
|
2023-04-12 11:27:26 +02:00 |
|
mpgn
|
3c7c863233
|
Fix path with sessionS with an S for php
|
2023-04-11 17:08:57 +02:00 |
|
Swissky
|
14c6c9642d
|
Merge pull request #633 from harunoz/patch-1
Update README.md
|
2023-04-09 18:41:00 +02:00 |
|
Harun
|
87e78b4c4b
|
Update README.md
Added Node.js
|
2023-04-09 12:35:43 -04:00 |
|
Swissky
|
86cc53244d
|
LOL Drivers
|
2023-04-07 09:22:07 +02:00 |
|
Swissky
|
30d17b4924
|
Fix markdown typo ESC1-9
|
2023-04-05 12:47:47 +02:00 |
|
Swissky
|
0a70636d28
|
ETW Providers
|
2023-04-03 10:48:53 +02:00 |
|
Swissky
|
d040c0e677
|
Web Cache Deception Methodology
|
2023-03-28 21:53:53 +02:00 |
|
Swissky
|
fddd094ee1
|
LFI iconv and dechunk + ETW + NTDS Dump Rework
|
2023-03-27 22:38:25 +02:00 |
|
Swissky
|
dd0c23f9a2
|
ImageMagick Typo
|
2023-03-19 22:46:56 +01:00 |
|
Swissky
|
723b3213b2
|
Windows Information Protection
|
2023-03-18 19:55:43 +01:00 |
|
Swissky
|
579207aa8f
|
JWT jku and jwks - manual exploitation
|
2023-03-12 18:02:29 +01:00 |
|
Swissky
|
d5729888c3
|
S4U Extension
|
2023-03-11 17:53:16 +01:00 |
|
Swissky
|
b88457367b
|
Active Directory Integrated DNS
|
2023-03-11 11:52:52 +01:00 |
|
Swissky
|
5e8737485b
|
Fix responsive - rollback - FF was glitching
|
2023-03-11 00:11:27 +01:00 |
|
Swissky
|
648f4ad2ca
|
Fix responsive icons
|
2023-03-10 23:45:27 +01:00 |
|
Swissky
|
084efe8a6b
|
Fix responsive display on PATT Web
|
2023-03-10 23:20:39 +01:00 |
|
Swissky
|
f379b60ef1
|
Web Theme + Credential Guard + PPL
|
2023-03-10 22:14:22 +01:00 |
|
Mat
|
5817de1fb2
|
Add documentation for PDF JS PoC
|
2023-03-07 17:10:23 +01:00 |
|
Swissky
|
e43f1527c0
|
JWT rework 0.2: jwks + kid + cve
|
2023-03-07 11:39:39 +01:00 |
|
Swissky
|
2a3d175620
|
GraphQL and JWT rework v0.1
|
2023-03-05 12:05:43 +01:00 |
|
Swissky
|
776b2bd934
|
Merge pull request #629 from maxence-Doyensec/file-upload-uwsgi
add uwsgi configuration file to Upload Insecure File
|
2023-03-01 15:13:07 +01:00 |
|
Maxence Schmitt
|
5f8b3f8a14
|
add uwsgi configuration file to Upload Insecure File
|
2023-03-01 14:49:31 +01:00 |
|
Swissky
|
7ef9babc9f
|
Merge pull request #627 from noraj/patch-1
add "GraphQL for Pentesters" ref
|
2023-02-26 14:14:56 +01:00 |
|