Commit graph

4555 commits

Author SHA1 Message Date
CPol
1d40265874
GITBOOK-4213: change request with no subject merged in GitBook 2023-12-25 17:29:41 +00:00
Carlos Polop
8ed6ac013b
Merge pull request #768 from emizzz/master
fix URL error in Joomla RCE
2023-12-25 01:33:12 +01:00
Carlos Polop
4e5b0e4537
Merge pull request #767 from jxdv/update-actions
CI: Update actions
2023-12-25 01:32:48 +01:00
Carlos Polop
35857b706b
Merge pull request #766 from HackCommander/fix-broken-link-bypass-httponly-php-info
Fixed broken link in the section on to bypass HttpOnly flag during XSS exploitation.
2023-12-25 01:31:57 +01:00
CPol
f625f2b554
GITBOOK-4209: change request with no subject merged in GitBook 2023-12-24 19:15:37 +00:00
Carlos Polop
2cf03a3f4b
Merge pull request #764 from evilmog/master
update NTLMv1 cracking methodology
2023-12-24 20:11:47 +01:00
Carlos Polop
fe632e89bf
Merge pull request #762 from arall/patch-1
Update lfi2rce-via-phpinfo.md
2023-12-24 20:10:19 +01:00
Carlos Polop
0b8f9b2ec5
Update SUMMARY.md 2023-12-24 20:09:55 +01:00
Carlos Polop
0791ffe016
Merge pull request #761 from nxenon/master
add gRPC-Web Pentesting Methodology
2023-12-24 19:56:24 +01:00
Carlos Polop
03fb0ebb99
Merge pull request #758 from manesec/master
Update SNMP and Basic PowerShell for Pentesters
2023-12-24 19:53:33 +01:00
CPol
a6d32b1828
GITBOOK-4208: change request with no subject merged in GitBook 2023-12-24 18:15:27 +00:00
Carlos Polop
1699aa01ac
Merge pull request #757 from N7WEra/patch-1
Update JIRA page
2023-12-24 19:03:57 +01:00
Carlos Polop
bc34d41d18
Merge pull request #755 from CamoCatX/patch-1
Simple spelling correction
2023-12-24 19:03:18 +01:00
CPol
9e1ca50364
GITBOOK-4207: change request with no subject merged in GitBook 2023-12-24 12:09:43 +00:00
CPol
d7ba032059
GITBOOK-4206: change request with no subject merged in GitBook 2023-12-24 01:00:37 +00:00
emizzz
e1802676f6
fix URL error
I think once the code is injected, the correct URL is: 
"/templates/protostar/error.php"
and not:
"/templates/protostar/error.php/error.php"
2023-12-22 14:19:47 +01:00
jxdv
6f7b664b54 update setup python actions 2023-12-22 12:07:30 +01:00
jxdv
357337f27f update checkout actions 2023-12-22 12:06:34 +01:00
CPol
22d4ad80b7
GITBOOK-4205: change request with no subject merged in GitBook 2023-12-22 01:28:27 +00:00
Carlos Polop
2b9a7d1f69
Merge pull request #753 from NaxnN/patch-8
fix typo in deserialization/readme.md
2023-12-21 13:36:36 +01:00
HackCommander
e1246c8206 Fixed broken link in the section on to bypass HttpOnly flag during XSS exploitation. 2023-12-20 23:26:45 +01:00
CPol
d9768bdb93
GITBOOK-4199: change request with no subject merged in GitBook 2023-12-20 02:14:11 +00:00
evilmog
dde7fbec2a update NTLMv1 cracking methodology 2023-12-19 15:59:00 -07:00
Carlos Polop
f97bf8980c
Merge pull request #752 from cyberMilosz/master
Replace references to F-Secure LABS with WithSecure Labs
2023-12-19 22:44:29 +01:00
Carlos Polop
65ade5c95e
Merge pull request #763 from evilmog/master
update NTLMv1 cracking methodology
2023-12-19 22:44:06 +01:00
evilmog
3818e73d6f update NTLMv1 cracking methodology 2023-12-19 11:02:28 -07:00
Arall
ac10681235
Update lfi2rce-via-phpinfo.md
Fix a 404 on the phpInfoLFI.py exploit link
2023-12-19 18:18:56 +01:00
M Amin Nasiri
c8a6851ba2 add gRPC-Web Pentesting Methodology 2023-12-19 13:07:27 +04:00
CPol
5c84c90460
GITBOOK-4196: change request with no subject merged in GitBook 2023-12-19 00:24:47 +00:00
CPol
6649f59ddf
GITBOOK-4196: change request with no subject merged in GitBook 2023-12-19 00:24:07 +00:00
CPol
b4428b4c03
GITBOOK-4195: change request with no subject merged in GitBook 2023-12-18 23:58:55 +00:00
CPol
1fa12f9f37
GITBOOK-4193: change request with no subject merged in GitBook 2023-12-17 01:01:54 +00:00
CPol
20b5224810
GITBOOK-4192: change request with no subject merged in GitBook 2023-12-16 13:28:14 +00:00
CPol
d3fb573918
GITBOOK-4189: change request with no subject merged in GitBook 2023-12-13 23:28:49 +00:00
Mane
9878e7b8ac
Update README.md
Add `AMSI Bypass - More Resources` 
Add `Powershell - Port scan`

## Reference - `AMSI Bypass - More Resources`

[S3cur3Th1sSh1t/Amsi-Bypass-Powershell](https://github.com/S3cur3Th1sSh1t/Amsi-Bypass-Powershell)

[Amsi Bypass on Windows 11 In 2023](https://gustavshen.medium.com/bypass-amsi-on-windows-11-75d231b2cac6)  [Github](https://github.com/senzee1984/Amsi_Bypass_In_2023)

## Reference - `Powershell - Port scan`

https://techcommunity.microsoft.com/t5/itops-talk-blog/powershell-basics-how-to-scan-open-ports-within-a-network/ba-p/924149

https://medium.com/@nallamuthu/powershell-port-scan-bf27fc754585

https://www.sans.org/blog/pen-test-poster-white-board-powershell-built-in-port-scanner/
2023-12-12 01:57:52 -08:00
Mane
2c3f4bdd68
Update README.md
Add `Microsoft Windows SNMP parameters`, which very useful.

# Reference:

https://www.websecgeeks.com/2017/04/hacking-snmp-service-part-2-post.html

https://refabr1k.gitbook.io/oscp/info-gathering/snmp#juicy-mib-values
2023-12-12 01:40:07 -08:00
CPol
a4f29b80da
GITBOOK-4186: change request with no subject merged in GitBook 2023-12-11 15:49:52 +00:00
N7WEra
98c15ec776
Update the permisson list 2023-12-11 15:46:57 +00:00
N7WEra
5aa2e16fd9
Update jira.md
changed the date
2023-12-11 14:38:01 +00:00
N7WEra
08a6342a99
Update page
to reflect changes in the API
2023-12-11 14:25:00 +00:00
CPol
ef14d419ab
GITBOOK-4185: change request with no subject merged in GitBook 2023-12-11 10:10:20 +00:00
CPol
2188a0927d
GITBOOK-4184: change request with no subject merged in GitBook 2023-12-11 09:39:35 +00:00
CamoCatX
efc37ef409
Update physical-attacks.md 2023-12-10 13:03:08 -06:00
Christopher Pritchard
4b445305da
Update nosql-injection.md with fixed brute force script
Fixed login brute force script so it doesn't just find one username per starting letter - this royally boned me and I don't want anyone else to feel the pain.
2023-12-08 20:56:03 +13:00
KeoOp
1291831b76
fix typo in deserialization/readme.md 2023-12-07 13:41:51 +09:00
CPol
5fc9f17db4
GITBOOK-4180: change request with no subject merged in GitBook 2023-12-05 11:51:09 +00:00
Miłosz Gaczkowski
2a30e960b5 Replace references to F-Secure LABS with WithSecure Labs
F-Secure split into 2 companies in early 2022. For a while, all links to labs.f-secure.com redirected to labs.withsecure.com, but this is no longer the case - leaving some links on HackTricks broken. This commit replaces all outdated links with their current locations.
2023-12-04 13:43:41 -05:00
carlospolop
81005f76c9 hp 2023-12-04 16:57:41 +01:00
carlospolop
21ed9007c4 hackenproof 2023-12-04 16:45:05 +01:00
CPol
0a792c2576
GITBOOK-4178: change request with no subject merged in GitBook 2023-12-04 15:17:30 +00:00