wanderer/ PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-05-04 15:06:19 +02:00
Code Issues Releases Activity
1,910 Commits 2 Branches 5 Tags 48 MiB
Commit Graph

1910 Commits

Author SHA1 Message Date
Swissky f9a2880ad5 Recover Public Key From Signed JWTs 2023-09-04 11:37:15 +02:00
Swissky c030379871
Merge pull request #670 from superboy-zjc/master 
Update Lodash SSTI
 2023-09-03 17:30:52 +02:00
Swissky a0c14e5299 SQL injections - WAF bypass 2023-09-03 14:26:03 +02:00
2h0ng 34da0e2708
Update Lodash SSTI 
Update Lodash SSTI
 2023-09-02 21:24:59 -04:00
Swissky 7752ff806f ASPNET Cookieless Bypass 2023-09-02 23:01:10 +02:00
Swissky e879ca42a3
Merge pull request #668 from sethsec-bf/patch-1 
Added CloudFox and CloudFoxable
 2023-08-31 10:37:38 +02:00
Seth Art 339a51cd0d
Added CloudFox and CloudFoxable 2023-08-30 14:11:11 -04:00
Swissky 53ec79abd0 Initial Access Cheatsheet 2023-08-26 22:01:45 +02:00
Swissky 930044d7c1
Merge pull request #666 from dwisiswant0/feat/ssrf-add-tool 
feat(SSRF): add tool
 2023-08-26 12:50:56 +02:00
Swissky 9db39952e7
Merge pull request #667 from PakCyberbot/master-1 
Update SQLite Injection.md
 2023-08-26 12:50:06 +02:00
Pak Cyberbot d5922f421c
Update SQLite Injection.md 
Column names of the specified table can be more easily extracted in a better output.
Tested during the CTF
 2023-08-25 15:24:52 +05:00
Dwi Siswanto 63379b9291
feat(SSRF): add tool 2023-08-25 16:34:45 +07:00
Swissky b0dfcfd438 Hidden Parameters 2023-08-24 22:15:11 +02:00
Swissky e2e2da74ce
Merge pull request #664 from ScriptSathi/master 
feat: Add Rust reverse shell for unix
 2023-08-22 18:04:31 +02:00
Tristan D'audibert aea130a1ac Add Rust reverse shell for unix 2023-08-21 17:50:11 +02:00
cfgs 538a7b024b feat: add cognito-scanner tool for AWS pentest 2023-08-08 10:41:54 +02:00
Vunnm 273da9e1b5
Add JSON simple with form 
Add JSON simple paylaod with autosubmit form. Using autosubmit form instead of AJax, allow to bypass some protection like the Standard Enhanced Tracking Protection in Firfefox, which will refuse to send cookie with  cross-site  Ajax request (tested with Firefox 115.0.2esr),.
 2023-08-05 14:39:33 +02:00
Swissky d642e97d8d
Merge pull request #661 from emmanuel-ferdman/wip 
fix: broken link on AWS Amazon Bucket S3 page
 2023-07-26 14:20:27 +02:00
Emmanuel Ferdman 20b8870123
fix: broken link on AWS Amazon Bucket S3 page 
Signed-off-by: Emmanuel Ferdman <emmanuelferdman@gmail.com>
 2023-07-26 15:09:56 +03:00
Swissky e366ef9a13
Merge pull request #660 from yanncam/master 
Added precision on the format, generation and breaking of NetNTLMv1
 2023-07-25 15:28:12 +02:00
Yann CAM (ycam) e80702d599
More details on NetNTLMv1 + typos 
More details on NetNTLMv1 + typos
 2023-07-25 11:31:35 +02:00
Yann CAM (ycam) 4336cb1fd5
Update NetNTLMv1 breaking methodology 
Add SHuck.Sh/ShuckNT process and details.
 2023-07-25 11:11:36 +02:00
Swissky b715364547 Fix typo 2023-07-18 22:19:29 +02:00
Swissky 52ef85a830 WebSocket Tools 2023-07-18 22:17:51 +02:00
Swissky fbc43be79f Merge pull requests 2023-07-18 18:24:14 +02:00
Swissky 87e6f55e16 Error Based XXE - Local DTD 2023-07-18 18:23:34 +02:00
Swissky 359b9b435e
Merge pull request #659 from preemptible/patch-1 
Update BOOKS.md
 2023-07-18 10:21:23 +02:00
Swissky 3de6c41823
Merge pull request #658 from NaxnN/patch-2 
Update SQLite Injection.md
 2023-07-18 10:20:20 +02:00
preemptible 6d12abb4ec
Update BOOKS.md 
I added 'black hat Rust', a great book in my humble opinion.
 2023-07-18 11:16:36 +03:00
KeoOp d5f85f13d5
Update SQLite Injection.md 
add "group_concat" so that all tables can be extracted once when the query only returns the first item
 2023-07-16 23:44:00 +08:00
Swissky cd19bb9409 Business Logic Errors + Mass Assignment 2023-07-09 13:01:03 +02:00
Swissky b68ce28c4b Open Redirect + SSI Injection 2023-07-08 10:09:59 +02:00
Swissky 86e246dd03 Prototype Pollution 2023-07-07 23:10:33 +02:00
Swissky 0a75beeccd
Merge pull request #652 from clem9669/master 
Update README.md for Latex injection
 2023-06-29 12:27:22 +02:00
clem9669 fa3cf25c55
Update README.md 2023-06-29 10:19:14 +00:00
Swissky f723ef4878
Merge pull request #651 from JLLeitschuh/patch-3 
Add new AWS IPv6 SSRF Endpoint
 2023-06-29 10:59:10 +02:00
Swissky 9711417161
Update README.md 2023-06-29 10:59:02 +02:00
Swissky a8161ef48c
Merge pull request #650 from Xhoenix/master 
update ssrf payloads
 2023-06-29 10:41:31 +02:00
Jonathan Leitschuh bb3f865e10
Add new AWS IPv6 SSRF Endpoint 
Documentation: https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/instancedata-data-retrieval.html
 2023-06-28 18:51:53 -04:00
Jitendra Patro 384f54af54
Merge branch 'swisskyrepo:master' into master 2023-06-28 15:51:00 +05:30
Jitendra Patro 391b18cf20
update bypass localhost with [::] payloads 2023-06-28 15:50:43 +05:30
Swissky 70396ec71d
Merge pull request #649 from MotiHarmats/patch-1 
Add CI/CD payloads
 2023-06-28 10:26:10 +02:00
Swissky ec11a14e4e
Merge pull request #648 from mpgn/master 
Use new offical CME repository
 2023-06-28 10:18:55 +02:00
MotiHarmats de8d4796af
Add CI/CD payloads 2023-06-28 11:15:58 +03:00
mpgn 35b0d672f0
Use new offical CME repository 2023-06-28 10:12:15 +02:00
Swissky 113afae290 AWS EC2 Metadata + SSSD token deobfuscate 2023-06-27 15:45:29 +02:00
Swissky 5ddd8e04da MSSQL - Stacked Queries Delimiters 2023-06-25 00:02:54 +02:00
Swissky e9c1ce1c09 AWS Key Patterns 2023-06-22 19:03:06 +02:00
Swissky fc36b38430 DOM Clobbering 2023-06-10 20:08:23 +02:00
Swissky 726de9e9b2
Merge pull request #645 from azurit/ssrflocalhost 
SSRF: bypass using IPv6/IPv4 Address Embedding
 2023-06-09 10:48:54 +02:00