Swissky
|
f0a8b6f8b8
|
Koadic cheatsheet renamed to "Windows - Post Exploitation"
|
2018-10-04 17:39:55 +02:00 |
|
Swissky
|
9ebf2057c5
|
Koadic Cheatsheet + Linux persistence in startup .desktop file
|
2018-10-04 17:35:57 +02:00 |
|
Swissky
|
747f1d172c
|
Reverse shell python for Windows + Lua + Awk
|
2018-10-02 17:17:03 +02:00 |
|
Swissky
|
824d8c370b
|
Bugfix README + Can I take over xyz
|
2018-10-02 16:57:01 +02:00 |
|
Swissky
|
1c5f8889bd
|
Network Discovery and Subdomains enumerations
|
2018-10-02 16:17:16 +02:00 |
|
Swissky
|
b315252c89
|
LFI - Intruder files (Windows,Linux,Logs...)
|
2018-10-01 17:11:51 +02:00 |
|
Swissky
|
a3975ab261
|
SQLmap TOR + Cookie + Proxy
|
2018-10-01 16:03:07 +02:00 |
|
Swissky
|
7b49f1b13a
|
PHP Serialization - phpggc
|
2018-10-01 12:30:14 +02:00 |
|
Swissky
|
6ca5ff1703
|
PHP Serialization Auth Bypass - Merge pull request #25 from noraj/patch-2
add auth bypass
|
2018-09-26 18:04:08 +02:00 |
|
Alexandre ZANNI
|
3cf806c8ff
|
2nd unserialize payload
|
2018-09-26 00:13:19 +02:00 |
|
Alexandre ZANNI
|
d49e40b1b2
|
add auth bypass
|
2018-09-25 23:59:29 +02:00 |
|
Swissky
|
1a1a48c725
|
Web Cache Deception details from SI9INT's blogpost
|
2018-09-23 20:07:19 +02:00 |
|
Swissky
|
8bef006d7f
|
MSSQL Comments - Merge pull request #24 from Margular/patch-1
add comments
|
2018-09-22 23:12:23 +02:00 |
|
时雨
|
20c1e5c075
|
add comments
|
2018-09-23 02:30:03 +08:00 |
|
Swissky
|
cce0444245
|
SQL injection - Intruders payloads
|
2018-09-21 18:44:32 +02:00 |
|
Swissky
|
699d66d701
|
Merge pull request #23 from noraj/patch-1
routed injection in ToC
|
2018-09-21 18:42:32 +02:00 |
|
Alexandre ZANNI
|
a1eb693270
|
routed injection in ToC
|
2018-09-20 23:52:07 +02:00 |
|
Swissky
|
7a80647e63
|
Raw MD5 SQL injection + SSH Konami Code
|
2018-09-10 23:12:29 +02:00 |
|
Swissky
|
2a080f82e6
|
Cassandra SQL + XSS MD + PHP Type Juggling
|
2018-09-10 20:40:43 +02:00 |
|
Swissky
|
90f4c3634e
|
PDF JS
|
2018-09-06 20:28:30 +02:00 |
|
Swissky
|
beb0ce8c54
|
Linux Persistence + WebLogic RCE
|
2018-09-03 18:41:05 +02:00 |
|
Swissky
|
011baa7321
|
Merge pull request #22 from cclauss/patch-1
Use octal numbers that work in both Python 2 and 3
|
2018-09-02 15:57:48 +02:00 |
|
cclauss
|
d642980f8c
|
Use octal numbers that work in both Python 2 and 3
python2 -c "print(0777 << 16L == 0o777 << 16)" # True
|
2018-09-02 14:09:55 +02:00 |
|
Swissky
|
d847e2e6bb
|
Merge pull request #21 from cclauss/patch-1
import string in uploadlfi.py
|
2018-09-02 13:54:45 +02:00 |
|
cclauss
|
150110a96c
|
import string in uploadlfi.py
__string__ is used twice on line 13 but it is never imported.
|
2018-09-02 13:24:35 +02:00 |
|
Swissky
|
64e577b650
|
CSP bypass fix link
|
2018-09-01 15:38:57 +02:00 |
|
Swissky
|
fe52b32af8
|
XSS CSP Bypass + PostgreSQL read/write
|
2018-09-01 15:36:33 +02:00 |
|
Swissky
|
c38adaded3
|
CVE Apache Struts + XSS in Python Notebook
|
2018-08-28 18:48:26 +02:00 |
|
Swissky
|
2a54753d11
|
Merge pull request #20 from developersatyendra/master
latest Apache struts CVE 2018 exploit added
|
2018-08-28 18:37:17 +02:00 |
|
developersatyendra
|
e2bd481882
|
Rename ApacheStrutsV3.py to ApacheStrutsV3-2018.py
|
2018-08-28 03:15:10 -04:00 |
|
developersatyendra
|
72e73e38c2
|
Created ApacheStrutsV3.py
added latest apache struts exploit which is written by @s1kr10s
|
2018-08-28 03:14:40 -04:00 |
|
Swissky
|
f612a91bb5
|
LFI via Upload (race condition) + Network Pivot nmap
|
2018-08-26 15:43:26 +02:00 |
|
Swissky
|
b2faf8c747
|
SSRF bugfix picture
|
2018-08-23 19:16:38 +02:00 |
|
Swissky
|
2b7acbc493
|
SSRF - Bad Parsers
|
2018-08-23 19:15:15 +02:00 |
|
Swissky
|
0c707c4188
|
ImageTragick v2 + Angular 1.6+ XSS
|
2018-08-22 21:42:25 +02:00 |
|
Swissky
|
fe7314444c
|
Phar Wrapper - "unserialize"
|
2018-08-19 18:47:32 +02:00 |
|
Swissky
|
cfbe1a4469
|
SSRF Docker & Kubernetes
|
2018-08-19 16:32:26 +02:00 |
|
Swissky
|
e11339e669
|
Markdown formatting - Part 3
|
2018-08-13 13:07:37 +02:00 |
|
Swissky
|
b87e14a0ed
|
Markdown formatting - Part 2
|
2018-08-13 12:01:13 +02:00 |
|
Swissky
|
65654f81a4
|
Markdown formatting update
|
2018-08-12 23:30:22 +02:00 |
|
Swissky
|
177c12cb79
|
Multiple update in READMEs + RCE tricks
|
2018-08-12 00:17:58 +02:00 |
|
Swissky
|
b20cdde4d9
|
Adding soffensive's windowsblindread file
|
2018-08-03 17:56:29 +02:00 |
|
Swissky
|
644724396f
|
LaTeX display code + XSS location alternative
|
2018-08-01 21:19:18 +02:00 |
|
Swissky
|
dcc5ebd3b6
|
Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings
|
2018-07-31 19:23:13 +02:00 |
|
Swissky
|
ce1096830d
|
Merge pull request #19 from Isopach/Isopach-patch-1
Update README.md
|
2018-07-31 13:28:31 +02:00 |
|
Isopach
|
8e26277407
|
Update README.md
Correct misspelling
|
2018-07-31 18:02:38 +09:00 |
|
Swissky
|
4e1077c25e
|
Weblogic RCE CVE 2018 2894
|
2018-07-26 19:15:53 +02:00 |
|
Swissky
|
6524c8e544
|
LaTex injection - typo language markdown
|
2018-07-22 22:39:37 +02:00 |
|
Swissky
|
15891b3ab4
|
LaTeX injection + RCE bypass with backslash
|
2018-07-22 22:35:46 +02:00 |
|
Swissky
|
93f4bbb19e
|
AD BloodHound + AD Relationship + SSRF Digital Ocean
|
2018-07-15 11:06:43 +02:00 |
|