Commit graph

966 commits

Author SHA1 Message Date
Reelix
694e9e4dbd
Added an alternate possible Found condition to POST 2019-10-29 21:11:56 +02:00
Swissky
55d1731897
Merge pull request #116 from nizam0906/master
Added More Updates in SQL Injection
2019-10-29 17:11:28 +01:00
nizam0906
d41e0d33bd
Added Summary in Hibernate Query Language Injection 2019-10-29 19:47:42 +05:30
nizam0906
4d94e553b9
Added Summary in Cassandra Injection 2019-10-29 19:42:49 +05:30
nizam0906
fe8c7be2fb
Fixed Broken Links in SQL injection README.md 2019-10-29 19:33:09 +05:30
nizam0906
a69c2acb7d
Added Summary in SQLite Injection 2019-10-29 19:22:49 +05:30
nizam0906
4b1f7e629d
Fixed Broken Links in PostgreSQL Injection 2019-10-29 19:06:41 +05:30
nizam0906
20d6599772
Added Summary 2019-10-29 18:57:33 +05:30
nizam0906
ca59b1d217
Fixed Broken Links in MSSQL Injection
Fixed Broken Links in MSSQL Injection
2019-10-29 18:44:28 +05:30
nizam0906
a33dce0d60
Fixed Broken Links 2019-10-29 18:25:00 +05:30
nizam0906
7d6fab92fa
Update Detect columns number
Using SELECT * FROM SOME_EXISTING_TABLE Error Based
2019-10-29 18:11:58 +05:30
nizam0906
614e8a97b9
Updated Detect columns number
Detect columns number using LIMIT INTO Error Based
2019-10-29 16:48:11 +05:30
nizam0906
f81f9440b8
Added More Ways to Detect columns number
using order by or group by
using order by or group by error based
using UNION SELECT Error Based
2019-10-29 16:32:22 +05:30
Swissky
b7fdf8aa3f
Merge pull request #106 from Hi15358/master
Update Reverse Shell Cheatsheet.md and Directory Traversal
2019-10-29 10:14:07 +01:00
Hi15358
34d8853728
Merge pull request #1 from Hi15358/patch-1
Patch 1
2019-10-29 16:30:58 +08:00
Hi15358
bb7e6b7cd0
Update README.md 2019-10-29 16:23:39 +08:00
Swissky
377aad4061
Merge pull request #115 from nizam0906/master
Added List Database Administrator Accounts
2019-10-29 08:36:01 +01:00
Swissky
b25694239b
Merge pull request #114 from noraj/patch-1
XXE: add XXEinjector
2019-10-29 08:35:31 +01:00
nizam0906
bb2c247160
Added List Database Administrator Accounts
SELECT datname FROM pg_database
2019-10-29 10:32:39 +05:30
Alexandre ZANNI
52119907f6
add XXEinjector 2019-10-29 00:41:04 +01:00
Swissky
5094ef8b10 XXE in XLSX 2019-10-28 20:46:19 +01:00
Swissky
534d46d0e4
Merge pull request #113 from Q5Ca/patch-1
Add bypass WAF no equal using BETWEEN
2019-10-28 18:21:26 +01:00
Swissky
be3ef08d19
Merge pull request #112 from nizam0906/master
Added More PostgreSQL Injection Queries And Blind XSS endpoint
2019-10-28 18:20:54 +01:00
duongdpt
135af74acd
Update README.md
Add bypass waf using BETWEEN
2019-10-28 22:26:28 +07:00
nizam0906
ab341cff38
Updated Blind XSS endpoint
* User Agent
* Comment Box
2019-10-28 16:51:36 +05:30
nizam0906
3dcd4425a8
Added more PostgreSQL Injection Queries
* PostgreSQL version
* PostgreSQL Current User
* PostgreSQL List Users
* PostgreSQL List Password Hashes
* PostgreSQL List Privileges
* PostgreSQL database name
* PostgreSQL List databases
* PostgreSQL List tables
* PostgreSQL List columns
* PostgreSQL Stacked query
2019-10-28 16:26:49 +05:30
Swissky
56ec623412
Merge pull request #111 from noraj/patch-1
XPATH: add tools
2019-10-26 21:46:18 +02:00
Swissky
68f1a17b57
Merge pull request #110 from nizam0906/master
Update PostgreSQL Injection.md
2019-10-26 21:44:25 +02:00
Alexandre ZANNI
525429c0d8
XPATH: add tools 2019-10-26 16:43:36 +02:00
nizam0906
f35ace93cf
Update PostgreSQL Injection.md
Updated PostgreSQL Error Based injections
2019-10-26 18:07:14 +05:30
Swissky
882eec0566
Merge pull request #109 from nizam0906/master
Added 3 yahoo jsonp endpoints
2019-10-26 11:39:57 +02:00
nizam0906
aef5bb864a
Update jsonp_endpoint.txt
Added 3 yahoo jsonp endpoints
* https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?cb=alert(1337)
* https://mempf.yahoo.co.jp/offer?position=h&callback=alert(1337)
* https://suggest-shop.yahooapis.jp/Shopping/Suggest/V1/suggester?callback=alert(1)//&appid=dj0zaiZpPVkwMDJ1RHlqOEdwdCZzPWNvbnN1bWVyc2VjcmV0Jng9M2Y-
2019-10-25 22:27:16 +05:30
Swissky
32c18fdf56
Merge pull request #108 from nizam0906/master
Added 6 MYSQL DIOS
2019-10-25 17:04:57 +02:00
nizam0906
5b59da70f7
Update MySQL Injection.md
Added 6 MYSQL DIOS
* Zen
* Zen WAF
* ~tr0jAn WAF
* ~tr0jAn Benchmark
* N1Z4M
* sharik
2019-10-25 18:11:11 +05:30
Swissky
88f020381d Out of band XPATH 2019-10-22 23:06:35 +02:00
Swissky
3464611c00
Merge pull request #107 from noraj/patch-1
fix TOC links
2019-10-22 21:41:28 +02:00
Alexandre ZANNI
c6b5bbab2b
fix TOC links 2019-10-22 20:26:04 +02:00
Swissky
727eb5cabd Drop the MIC 2019-10-21 23:00:27 +02:00
Swissky
11fc6e4bc5 NTLM relay + MS08-068 2019-10-20 22:09:36 +02:00
Hi15358
b54142c3a2
Update Reverse Shell Cheatsheet.md 2019-10-21 02:35:13 +08:00
Swissky
ed252df92e krb5.keytab + credential use summary 2019-10-20 13:25:06 +02:00
Swissky
7159a3ded3 RODC dcsync note + Dumping AD Domain summary 2019-10-18 00:07:09 +02:00
Swissky
8eae039a28 netdoc:// wrapper for Java SSRF 2019-10-17 21:13:04 +02:00
Swissky
67a68d7eac
Merge pull request #105 from Zeecka/patch-3
Add filter iconv utf16 LFI bypass tricks
2019-10-17 19:39:00 +02:00
Alex Zeecka
83caef8ee1
Add filter iconv utf16 LFI bypass tricks 2019-10-17 17:40:59 +02:00
Swissky
b22742ba9e
Merge pull request #103 from Ali-Yazdani/patch-1
Update readme.md
2019-10-16 23:35:04 +02:00
Ali Yazdani
52d02cea63
Update readme.md
Add some related security tools.
2019-10-16 14:45:42 +02:00
Swissky
6a81a130cc
Merge pull request #102 from op01/master
Update Silver Ticket
2019-10-15 19:17:03 +02:00
OOP
f0af3b4f4d
Update Active Directory Attack.md 2019-10-15 23:18:07 +07:00
Swissky
05b3e13098 SSRF for ECS 2019-10-12 13:30:52 +02:00