Mirrors/fuzzdb
2
0
Fork 0
mirror of https://github.com/fuzzdb-project/fuzzdb.git synced 2024-11-10 05:24:12 +00:00
Code Issues Projects Releases Packages Wiki Activity
376 commits 2 branches 0 tags 8.8 MiB
Commit graph

376 commits

This branch
This branch
All branches
Author SHA1 Message Date
Adam Muntner
da3d4e1fa9 Added additional likely method names 2017-01-15 23:52:10 -05:00
Adam Muntner
e25608f9fa Merge pull request #161 from elnerd/patch-4 
Added TRACK method to http-methods
 2017-01-15 15:25:42 -05:00
Adam Muntner
abe819f21c Merge pull request #160 from sempf/patch-1 
Create json version of debug params
 2017-01-15 15:24:01 -05:00
Adam Muntner
fa3e68b231 Merge pull request #155 from elnerd/patch-3 
Patch 3 - added h2-h6 tags
 2017-01-15 15:23:14 -05:00
Adam Muntner
715977900d Merge pull request #159 from merttasci/patch-1 
added 2 style context XSS attacks for LESS
 2017-01-15 15:22:34 -05:00
Adam Muntner
1e6472ea75 Merge pull request #154 from elnerd/patch-2 
Create html_attributes.txt
 2017-01-15 15:21:35 -05:00
Adam Muntner
7b3433f960 Merge pull request #147 from GuiOm/master 
Add HTML event attributes
 2017-01-15 15:21:19 -05:00
El Nerdo
9cd7e5a2d0 Added TRACK method to http-methods 
According to https://www.owasp.org/index.php/Cross_Site_Tracing - the TRACK method is IIS specific variant of TRACE.
 2016-12-19 11:38:35 +01:00
Bill Sempf
02f6aa2687 Create json version of debug params 
I like this for AJAXy sites.
 2016-12-15 10:25:54 -05:00
Adam Muntner
6e3e71822b Delete command-execution-cheatsheat-unix.txt 2016-11-15 16:31:53 -05:00
Mert Tasci
6724d78102 added 2 style context XSS attacks for LESS 
cc: https://twitter.com/merttasci_/status/786878767604043776
 2016-10-19 14:12:27 +03:00
Adam Muntner
71407d12e0 Create README.md 2016-10-17 09:06:26 -04:00
Adam Muntner
a07e0fea2f from https://github.com/attackercan/ 
https://github.com/attackercan/regexp-security-cheatsheet
 2016-10-17 09:01:36 -04:00
Adam Muntner
22fe7c4b1a Delete README.rb 2016-10-17 08:54:04 -04:00
Adam Muntner
e3a9f305b7 Update README.rb 2016-10-17 08:52:48 -04:00
Adam Muntner
e5b926eadd Update README.rb 2016-10-17 08:52:08 -04:00
Adam Muntner
db8c767952 Create README.rb 2016-10-17 08:51:50 -04:00
Adam Muntner
c4d8de6c78 Add PNG IDAT chunk webshell link & cleanup 2016-10-16 20:24:55 -04:00
Adam Muntner
837c737b28 Tiny php remote os commanding backdoor 
Example usage:

http://host/?c=id
 2016-10-16 15:47:43 -04:00
Adam Muntner
89c59e7d74 Update arbitrary redirect docs 2016-10-12 03:44:16 -04:00
Adam Muntner
e951c9f277 doc page 1.0 for open redirect patterns 2016-10-12 03:22:12 -04:00
Adam Muntner
05c9d033fb Arbitrary redirect injection template 2016-10-12 02:36:00 -04:00
Adam Muntner
a3768fd2a4 Open redirct injection tests 2016-10-12 02:12:47 -04:00
Adam Muntner
aaeaf2fbc4 Open redirect tests 2016-10-12 02:12:10 -04:00
Adam Muntner
55bb18a030 Open redirect url patterns 2016-10-12 02:08:10 -04:00
Adam Muntner
f38bb3e0df Creating redirection template, more patterns otw 2016-10-12 01:42:23 -04:00
Adam Muntner
69210d06f2 added redirector 2016-10-11 01:47:17 -04:00
Adam Muntner
48c40d2e54 Create shell-operators.txt 2016-10-11 01:44:27 -04:00
Adam Muntner
93d85fb2f0 Added more OS commanding patterns 2016-10-11 01:30:00 -04:00
Adam Muntner
a9e417d045 command-injection-template.txt is nicer, use it 2016-10-11 01:21:37 -04:00
Adam Muntner
0535bbd2fb add link to webshell git repo 2016-10-10 03:44:24 -04:00
Adam Muntner
9e545e71b1 More patterns for separating shell commands 2016-10-06 10:27:50 -04:00
Adam Muntner
0bc1498c3d Update patterns for separating shell commands 2016-10-06 10:20:43 -04:00
Adam Muntner
5dd4d67557 Template for generating OS Commanding tests 
replace {cmd} with single value such as /usr/bin/id or a list of test values
 2016-10-05 20:51:15 -04:00
Adam Muntner
984b37e742 Template for generating OS Commanding tests 
Replacement string is {cmd}
 2016-10-05 20:49:35 -04:00
Adam Muntner
ea7dd32b51 Patterns for separating shell commands 2016-10-05 20:34:28 -04:00
Adam Muntner
8bad923d65 reformat xterm examples 2016-10-04 09:13:29 -04:00
Adam Muntner
66f94cd903 update reverse shell one-liners & xterm examples 
Thanks Bernardo Damele A. G http://bernardodamele.blogspot.com/2011/09/reverse-shells-one-liners.html
 2016-10-04 09:11:57 -04:00
Adam Muntner
a9d9991944 os command execution cheatsheet cleanup 2016-10-04 08:38:44 -04:00
Adam Muntner
8645354266 os command execution cheatsheet cleanup 2016-10-04 08:37:43 -04:00
Adam Muntner
7e886d0d9d shell commands without spaces, edits 2016-10-04 07:26:39 -04:00
Adam Muntner
b50de0d583 Add more remote cmd exec without spaces 2016-10-04 00:33:05 -04:00
Adam Muntner
8ed1ab4773 Add more remote cmd exec without spaces 
technique from https://www.mailchannels.com/2009/07/amazing-new-exploit-for-linksys-routers-running-dd-wrt/ using $IFS
 2016-10-04 00:32:00 -04:00
Adam Muntner
d1209f4b31 Update docs: remote command exec without spaces 2016-10-04 00:22:49 -04:00
Adam Muntner
1f4867321f remove old header, replace with "" 2016-10-04 00:12:04 -04:00
Adam Muntner
a0b1672889 fixup 2016-10-04 00:05:28 -04:00
Adam Muntner
b41ed8173e More command exec without spaces 
Credits:

Joe Sylve
Daniel Frisch
 2016-10-04 00:03:33 -04:00
Adam Muntner
0891bb84ec Cmd injection without spaces 
Thanks:
Andre Gironda
Ben Toews https://gist.github.com/btoews/3056269
Jon Oberheide https://jon.oberheide.org/blog/2008/09/04/bash-brace-expansion-cleverness/
 2016-10-03 23:41:58 -04:00
Adam Muntner
c261b0955e Update README.md 2016-10-01 22:01:36 -04:00
Adam Muntner
2663f4fbf5 Update README.md 2016-10-01 21:59:34 -04:00