Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2025-02-16 14:08:26 +00:00
Code Issues Projects Releases Packages Wiki Activity
4774 commits 24 branches 0 tags 1.1 GiB
Commit graph

1241 commits

Author SHA1 Message Date
CPol
da42a67a80
GITBOOK-4216: change request with no subject merged in GitBook 2023-12-26 00:45:07 +00:00
CPol
1d40265874
GITBOOK-4213: change request with no subject merged in GitBook 2023-12-25 17:29:41 +00:00
Carlos Polop
35857b706b
Merge pull request #766 from HackCommander/fix-broken-link-bypass-httponly-php-info 
Fixed broken link in the section on to bypass HttpOnly flag during XSS exploitation.
 2023-12-25 01:31:57 +01:00
CPol
f625f2b554
GITBOOK-4209: change request with no subject merged in GitBook 2023-12-24 19:15:37 +00:00
Carlos Polop
fe632e89bf
Merge pull request #762 from arall/patch-1 
Update lfi2rce-via-phpinfo.md
 2023-12-24 20:10:19 +01:00
Carlos Polop
0791ffe016
Merge pull request #761 from nxenon/master 
add gRPC-Web Pentesting Methodology
 2023-12-24 19:56:24 +01:00
Carlos Polop
2b9a7d1f69
Merge pull request #753 from NaxnN/patch-8 
fix typo in deserialization/readme.md
 2023-12-21 13:36:36 +01:00
HackCommander
e1246c8206 Fixed broken link in the section on to bypass HttpOnly flag during XSS exploitation. 2023-12-20 23:26:45 +01:00
Arall
ac10681235
Update lfi2rce-via-phpinfo.md 
Fix a 404 on the phpInfoLFI.py exploit link
 2023-12-19 18:18:56 +01:00
M Amin Nasiri
c8a6851ba2 add gRPC-Web Pentesting Methodology 2023-12-19 13:07:27 +04:00
CPol
20b5224810
GITBOOK-4192: change request with no subject merged in GitBook 2023-12-16 13:28:14 +00:00
CPol
ef14d419ab
GITBOOK-4185: change request with no subject merged in GitBook 2023-12-11 10:10:20 +00:00
Christopher Pritchard
4b445305da
Update nosql-injection.md with fixed brute force script 
Fixed login brute force script so it doesn't just find one username per starting letter - this royally boned me and I don't want anyone else to feel the pain.
 2023-12-08 20:56:03 +13:00
KeoOp
1291831b76
fix typo in deserialization/readme.md 2023-12-07 13:41:51 +09:00
carlospolop
81005f76c9 hp 2023-12-04 16:57:41 +01:00
carlospolop
21ed9007c4 hackenproof 2023-12-04 16:45:05 +01:00
CPol
0a792c2576
GITBOOK-4178: change request with no subject merged in GitBook 2023-12-04 15:17:30 +00:00
CPol
f6cedd55e4
GITBOOK-4174: change request with no subject merged in GitBook 2023-12-04 09:33:43 +00:00
CPol
ae3c6e44b7
GITBOOK-4173: change request with no subject merged in GitBook 2023-12-04 09:24:40 +00:00
Maximilian Hildebrand
d3d3f4f47a
Added TInjA and the Template Injection Table 2023-12-03 13:14:19 +01:00
SidneyJob
76f93375d2 Fix mini spell mistake 2023-11-21 18:40:35 +03:00
CPol
04c2dccb6f
GITBOOK-4163: change request with no subject merged in GitBook 2023-11-09 15:12:11 +00:00
Carlos Polop
4c79f1cd10
Merge branch 'master' into master 2023-11-05 23:18:06 +01:00
CPol
f515ab26e7
GITBOOK-4149: change request with no subject merged in GitBook 2023-11-03 13:29:31 +00:00
CPol
a3ad24c9ea
GITBOOK-4148: change request with no subject merged in GitBook 2023-11-03 11:03:53 +00:00
CPol
233703a1b1
GITBOOK-4146: change request with no subject merged in GitBook 2023-11-02 16:52:21 +00:00
CPol
46d107852a
GITBOOK-4142: change request with no subject merged in GitBook 2023-10-27 16:04:24 +00:00
CPol
1015696215
GITBOOK-4141: change request with no subject merged in GitBook 2023-10-27 15:46:20 +00:00
Felipe Molina
306481ac24 Add new CSP bypasses through third-parties 2023-10-26 18:30:16 +01:00
Felipe Molina
548aed19f8 Add new CSP bypasses through third-parties 2023-10-26 18:20:03 +01:00
CPol
0272b33ab5
GITBOOK-4140: change request with no subject merged in GitBook 2023-10-26 14:15:46 +00:00
Felipe Molina
121d793ce0 Update CSP methods for third parties 2023-10-23 15:43:34 +01:00
CPol
0742844ba3
GITBOOK-4132: change request with no subject merged in GitBook 2023-10-16 21:06:07 +00:00
CPol
63857c0541
GITBOOK-4126: change request with no subject merged in GitBook 2023-10-15 16:45:54 +00:00
CPol
c383ffed62
GITBOOK-4125: change request with no subject merged in GitBook 2023-10-15 15:23:24 +00:00
CPol
6a5f71e401
GITBOOK-4121: change request with no subject merged in GitBook 2023-10-14 20:45:59 +00:00
Carlos Polop
d7f82e9005
Merge pull request #710 from kibatche/master 
Update file-upload.md / Replace cStringIO by io
 2023-10-11 23:27:32 +02:00
Carlos Polop
e5a76ef436
Merge pull request #708 from jiniljeil/patch-1 
Fix typo in http-request-smuggling
 2023-10-11 23:00:14 +02:00
CPol
aafdb7f10e
GITBOOK-4111: change request with no subject merged in GitBook 2023-10-05 14:47:43 +00:00
CPol
bce38a19cf
GITBOOK-4110: change request with no subject merged in GitBook 2023-10-05 10:00:26 +00:00
CPol
0cd8734cc5
GITBOOK-4104: change request with no subject merged in GitBook 2023-09-29 15:36:01 +00:00
CPol
261348bb2c
GITBOOK-4100: change request with no subject merged in GitBook 2023-09-28 15:09:34 +00:00
CPol
7d1cde6b91
GITBOOK-4096: change request with no subject merged in GitBook 2023-09-26 11:09:53 +00:00
kibatche
86f9653abf
Update file-upload.md / Replace cStringIO by io 
Originally, I wrote the script for the little trick "Decompress with a different name" with the module "cStringIo". I don't remember why exactly, but when tested again at home to write about this stuff, I found that cStringIo is not present anymore on python3. It works with python2.7, but `io` is better because it works with both modules.

And, I wrote " we can reuse the previous script". That's not true haha !

I think this is better to keep consistency with your previous work, and have more compatibility with different python version.

Let me know if it's ok for you. Thanks !
 2023-09-25 18:02:57 +02:00
CPol
afd72865a1
GITBOOK-4092: change request with no subject merged in GitBook 2023-09-24 09:51:34 +00:00
Jinil Kim
4e887c2998
Fix typo in http-request-smuggling 
Fix typo from lentgh to length in pentesting-web/http-request-smuggling
 2023-09-21 08:56:51 +09:00
Jinil Kim
2d9e6fd60c
Fix typo in http-request-smuggling 
Fix typo from lenght to length
 2023-09-21 08:45:08 +09:00
Jinil Kim
4154ac12e0
Fix typo in content-security-policy-csp-bypass 
Fix typo from executa to execute
 2023-09-17 22:40:55 +09:00
carlospolop
93b6df668e trickest 2023-09-05 00:10:11 +02:00
carlospolop
987e1109d8 trickest 2023-09-03 17:41:02 +02:00