Commit graph

1807 commits

Author SHA1 Message Date
Swissky
f9a2880ad5 Recover Public Key From Signed JWTs 2023-09-04 11:37:15 +02:00
Swissky
c030379871
Merge pull request #670 from superboy-zjc/master
Update Lodash SSTI
2023-09-03 17:30:52 +02:00
Swissky
a0c14e5299 SQL injections - WAF bypass 2023-09-03 14:26:03 +02:00
2h0ng
34da0e2708
Update Lodash SSTI
Update Lodash SSTI
2023-09-02 21:24:59 -04:00
Swissky
7752ff806f ASPNET Cookieless Bypass 2023-09-02 23:01:10 +02:00
Swissky
e879ca42a3
Merge pull request #668 from sethsec-bf/patch-1
Added CloudFox and CloudFoxable
2023-08-31 10:37:38 +02:00
Seth Art
339a51cd0d
Added CloudFox and CloudFoxable 2023-08-30 14:11:11 -04:00
Swissky
53ec79abd0 Initial Access Cheatsheet 2023-08-26 22:01:45 +02:00
Swissky
930044d7c1
Merge pull request #666 from dwisiswant0/feat/ssrf-add-tool
feat(SSRF): add tool
2023-08-26 12:50:56 +02:00
Swissky
9db39952e7
Merge pull request #667 from PakCyberbot/master-1
Update SQLite Injection.md
2023-08-26 12:50:06 +02:00
Pak Cyberbot
d5922f421c
Update SQLite Injection.md
Column names of the specified table can be more easily extracted in a better output.
Tested during the CTF
2023-08-25 15:24:52 +05:00
Dwi Siswanto
63379b9291
feat(SSRF): add tool 2023-08-25 16:34:45 +07:00
Swissky
b0dfcfd438 Hidden Parameters 2023-08-24 22:15:11 +02:00
Swissky
e2e2da74ce
Merge pull request #664 from ScriptSathi/master
feat: Add Rust reverse shell for unix
2023-08-22 18:04:31 +02:00
Tristan D'audibert
aea130a1ac Add Rust reverse shell for unix 2023-08-21 17:50:11 +02:00
Swissky
d642e97d8d
Merge pull request #661 from emmanuel-ferdman/wip
fix: broken link on AWS Amazon Bucket S3 page
2023-07-26 14:20:27 +02:00
Emmanuel Ferdman
20b8870123
fix: broken link on AWS Amazon Bucket S3 page
Signed-off-by: Emmanuel Ferdman <emmanuelferdman@gmail.com>
2023-07-26 15:09:56 +03:00
Swissky
e366ef9a13
Merge pull request #660 from yanncam/master
Added precision on the format, generation and breaking of NetNTLMv1
2023-07-25 15:28:12 +02:00
Yann CAM (ycam)
e80702d599
More details on NetNTLMv1 + typos
More details on NetNTLMv1 + typos
2023-07-25 11:31:35 +02:00
Yann CAM (ycam)
4336cb1fd5
Update NetNTLMv1 breaking methodology
Add SHuck.Sh/ShuckNT process and details.
2023-07-25 11:11:36 +02:00
Swissky
b715364547 Fix typo 2023-07-18 22:19:29 +02:00
Swissky
52ef85a830 WebSocket Tools 2023-07-18 22:17:51 +02:00
Swissky
fbc43be79f Merge pull requests 2023-07-18 18:24:14 +02:00
Swissky
87e6f55e16 Error Based XXE - Local DTD 2023-07-18 18:23:34 +02:00
Swissky
359b9b435e
Merge pull request #659 from preemptible/patch-1
Update BOOKS.md
2023-07-18 10:21:23 +02:00
Swissky
3de6c41823
Merge pull request #658 from NaxnN/patch-2
Update SQLite Injection.md
2023-07-18 10:20:20 +02:00
preemptible
6d12abb4ec
Update BOOKS.md
I added 'black hat Rust', a great book in my humble opinion.
2023-07-18 11:16:36 +03:00
KeoOp
d5f85f13d5
Update SQLite Injection.md
add "group_concat" so that all tables can be extracted once when the query only returns the first item
2023-07-16 23:44:00 +08:00
Swissky
cd19bb9409 Business Logic Errors + Mass Assignment 2023-07-09 13:01:03 +02:00
Swissky
b68ce28c4b Open Redirect + SSI Injection 2023-07-08 10:09:59 +02:00
Swissky
86e246dd03 Prototype Pollution 2023-07-07 23:10:33 +02:00
Swissky
0a75beeccd
Merge pull request #652 from clem9669/master
Update README.md for Latex injection
2023-06-29 12:27:22 +02:00
clem9669
fa3cf25c55
Update README.md 2023-06-29 10:19:14 +00:00
Swissky
f723ef4878
Merge pull request #651 from JLLeitschuh/patch-3
Add new AWS IPv6 SSRF Endpoint
2023-06-29 10:59:10 +02:00
Swissky
9711417161
Update README.md 2023-06-29 10:59:02 +02:00
Swissky
a8161ef48c
Merge pull request #650 from Xhoenix/master
update ssrf payloads
2023-06-29 10:41:31 +02:00
Jonathan Leitschuh
bb3f865e10
Add new AWS IPv6 SSRF Endpoint
Documentation: https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/instancedata-data-retrieval.html
2023-06-28 18:51:53 -04:00
Jitendra Patro
384f54af54
Merge branch 'swisskyrepo:master' into master 2023-06-28 15:51:00 +05:30
Jitendra Patro
391b18cf20
update bypass localhost with [::] payloads 2023-06-28 15:50:43 +05:30
Swissky
70396ec71d
Merge pull request #649 from MotiHarmats/patch-1
Add CI/CD payloads
2023-06-28 10:26:10 +02:00
Swissky
ec11a14e4e
Merge pull request #648 from mpgn/master
Use new offical CME repository
2023-06-28 10:18:55 +02:00
MotiHarmats
de8d4796af
Add CI/CD payloads 2023-06-28 11:15:58 +03:00
mpgn
35b0d672f0
Use new offical CME repository 2023-06-28 10:12:15 +02:00
Swissky
113afae290 AWS EC2 Metadata + SSSD token deobfuscate 2023-06-27 15:45:29 +02:00
Swissky
5ddd8e04da MSSQL - Stacked Queries Delimiters 2023-06-25 00:02:54 +02:00
Swissky
e9c1ce1c09 AWS Key Patterns 2023-06-22 19:03:06 +02:00
Swissky
fc36b38430 DOM Clobbering 2023-06-10 20:08:23 +02:00
Swissky
726de9e9b2
Merge pull request #645 from azurit/ssrflocalhost
SSRF: bypass using IPv6/IPv4 Address Embedding
2023-06-09 10:48:54 +02:00
Swissky
10df57a531 Type Juggling 2023-06-09 10:46:54 +02:00
Swissky
de6e91657d Type Juggling - Loose Comparison and Exploit 2023-06-09 10:45:45 +02:00