Commit graph

405 commits

Author SHA1 Message Date
leikarne
bf03a0b11d Merged with my personal html tag library
Some new tags
2016-09-14 09:29:42 +02:00
leikarne
7c1d6972f5 Create html_attributes.txt
List of standard html attributes that are allowed inside html tags
2016-09-14 09:25:38 +02:00
Adam Muntner
104aac598d change ordering 2016-09-14 00:50:45 -04:00
Adam Muntner
9825554871 Adding newer html5 tags that were missing 2016-09-13 18:26:43 -04:00
Adam Muntner
bdcc8a6873 Merge pull request #153 from leikarne/patch-1
Removed crocodiles
2016-09-13 18:16:47 -04:00
leikarne
cb7b69a789 Removed crocodiles
When fuzzing for allowed html tags, some libraries such as OWASP AntiSamy will require a matching closing tag.
Removing the crocodiles from the html tags, it allow you to do the following: <$POS$></$POS$>, and you can use this file to fuzz for valid html tags, and still provide valid html at the same time.
2016-09-13 23:52:20 +02:00
Adam Muntner
19071973bc HTML entities, blank line, and a real null byte 2016-09-10 17:20:40 -04:00
Adam Muntner
13021c06a4 oops! 2016-09-10 17:19:28 -04:00
Adam Muntner
05d4b0ab25 Real null byte for fault injection into binaries + intentional blank line for "" 2016-09-10 17:01:31 -04:00
Adam Muntner
2d3ea1436e replacing 2016-09-10 16:58:40 -04:00
Adam Muntner
0e5ab90100 Various representations of localhost 2016-09-04 02:43:29 -04:00
Adam Muntner
dfef99f081 Merge pull request #152 from manuelbua/fix-malicious-images
Fix issue #151
2016-09-03 19:28:07 -04:00
Adam Muntner
57dad78537 RFC 5785 well-known services - fixup 2016-09-03 19:25:45 -04:00
Adam Muntner
72b4ef13c3 RFC 5785 well-known services
sources: 
https://www.ietf.org/assignments/well-known-uris/well-known-uris.xml
https://en.wikipedia.org/wiki/List_of_/well-known_services_offered_by_webservers

Usage example:

http://www.osidhfklefl.com/.well-known/dnt-policy.txt
2016-09-03 19:25:10 -04:00
dud3z
8c913fbd38 Fix missing phpinfo in GIFs, add POCs for phpinfo in GIF/JPG metadata 2016-09-04 00:57:45 +02:00
dud3z
c8aced196c Fix missing malicious images, XSS .swf file and EICAR test 2016-09-04 00:57:10 +02:00
Adam Muntner
a4969b9456 Update README.md 2016-09-03 15:22:30 -04:00
Adam Muntner
9a999e0af1 fixup 2016-09-02 08:41:12 -04:00
Adam Muntner
1bc10ab87e wikimedia exploit T137264
https://phabricator.wikimedia.org/T137264
2016-08-22 23:35:08 -04:00
Adam Muntner
3154ff4f84 add payloads 2016-08-16 09:54:40 -04:00
Adam Muntner
b16efd9bcf update date 2016-08-14 22:23:33 -04:00
Adam Muntner
895232fb9c Updated link 2016-08-14 20:52:52 -04:00
Adam Muntner
b515e5e8a6 Adding to docs: Joseph Giron - Web Shells Web Shells In PHP, ASP, JSP, Perl, And ColdFusion (pdf - 2009) 2016-08-14 20:49:48 -04:00
Adam Muntner
5860461322 add fimap how-to link 2016-08-14 20:37:06 -04:00
Adam Muntner
17cedd2a99 Update README.md 2016-08-14 20:35:00 -04:00
Guillaume Cheron
ae7d9de330 Add HTML event attributes 2016-06-16 18:05:52 +02:00
Adam Muntner
637a885f53 Update README.md 2016-05-28 22:34:14 -04:00
Adam Muntner
3c837777fd moved dl directions to bottom 2016-05-28 22:32:32 -04:00
Adam Muntner
f1ef0a17bd Merge pull request #146 from richin13/master
Fix Issue #144 
Change .fuzz.txt to .txt
2016-05-25 20:53:40 -04:00
Ricardo Madriz
2863f7a588 Fix #144 2016-05-25 17:56:24 -06:00
Ricardo Madriz
f7aa901576 Fix #144 2016-05-25 17:55:49 -06:00
Adam Muntner
2d9358ce53 Delete .directory 2016-05-20 02:05:54 -04:00
Adam Muntner
27abfa211a add payload
/\..%2f\..%2f\..%2f etc etc etc
2016-05-20 02:04:44 -04:00
Adam Muntner
a50405581f Create shells.fuzz.txt
from @tennc repo
2016-05-18 13:09:07 -04:00
Adam Muntner
2104792ff6 Create upload_variants.fuzz.txt 2016-05-18 13:07:39 -04:00
Adam Muntner
f61fab64f8 Create bot_control_panels.fuzz.txt
from @tennc repo
2016-05-18 13:06:25 -04:00
Adam Muntner
6e342e7194 Create Joomla_exploitable.fuzz.txt 2016-05-18 13:03:53 -04:00
Adam Muntner
e5d27edb77 Create test_demo.fuzz.txt 2016-05-18 13:01:21 -04:00
Adam Muntner
425fd4efdf Create spanish.fuzz.txt 2016-05-18 12:59:25 -04:00
Adam Muntner
00e6cab97e remove leading / 2016-05-18 12:57:41 -04:00
Adam Muntner
45812e8bbf Create Ruby_Rails.fuzz.txt 2016-05-18 12:52:21 -04:00
Adam Muntner
cdff5cdc16 cleanup & remove leading / 2016-05-18 12:51:16 -04:00
Adam Muntner
9416c760ed remove leading / 2016-05-18 12:49:47 -04:00
Adam Muntner
4cb117f9fe Create HP_System_Mgmt_Homepage.fuzz.txt 2016-05-18 12:43:29 -04:00
Adam Muntner
817edadbda Create Apache_Axis.fuzz.txt 2016-05-18 12:41:54 -04:00
Adam Muntner
8813c6edd5 add extensions
from @tennc fork
2016-05-18 12:39:21 -04:00
Adam Muntner
aaeaf8907e from @tennc fork 2016-05-18 12:28:42 -04:00
Adam Muntner
89c5709cf9 from @tennc fork 2016-05-18 12:28:07 -04:00
Adam Muntner
8981307ac3 from @tennc fork 2016-05-18 12:27:05 -04:00
Adam Muntner
cb9c71d5f5 from @tennc fork 2016-05-18 12:26:13 -04:00