mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-05-24 10:06:29 +02:00
Commit Graph

742 Commits

Author SHA1 Message Date
Th1b4ud 2740600a6b
Alternative TTY method with /usr/bin/script 2020-04-21 19:21:51 +02:00
Swissky eaac0e748e Fix issue #185 2020-04-21 11:31:18 +02:00
Swissky c8c4a6e8a9 Fix issue #185 2020-04-21 11:26:49 +02:00
Swissky 89f906f7a8 Fix issue - C reverse shell 2020-04-21 11:17:39 +02:00
Swissky 95fed140ec Fix - SSTI Payloads 2020-04-21 11:13:19 +02:00
Swissky 0de5cb7123
Merge pull request #186 from Techbrunch/patch-6
Add insomnia to GraphQL list of tools
2020-04-21 10:56:59 +02:00
Techbrunch ade039c1bc
Add insomnia to GraphQL list of tools 2020-04-21 10:49:47 +02:00
Swissky 1d8414c703 ASP.NET Razor SSTI 2020-04-18 21:18:22 +02:00
Swissky af6760ef7a RoadRecon + JSON None refs 2020-04-17 16:34:51 +02:00
Swissky 44e676ea70
Merge pull request #182 from thibaudrobin/patch-1
Add others shell on reverse shell cheatsheet
2020-04-13 19:42:58 +02:00
Swissky a19fd013fb
Merge pull request #181 from SecGus/master
Added RCE SSTI Jinja2 Bypass payload developed by SecGus (chivato)
2020-04-13 19:42:14 +02:00
chiv 7e7f5e7628 Added SSTI RCE bypass payload for Jinja2 2020-04-13 18:48:43 +01:00
chiv cc3b05017d Added a new RCE payload to Jinja2 SSTI bypasses 2020-04-13 18:44:16 +01:00
Th1b4ud 29194a8ef1
Add others shell on reverse shell cheatsheet
2020-04-13 19:06:01 +02:00
Swissky bc8dd0b784
Merge pull request #180 from mindfuckup/master
Added: Other CORS Misconfigurations
2020-04-12 17:51:52 +02:00
Emanuel Duss 54e3887077 Added PortSwigger Web Security Academy CORS Link 2020-04-12 15:12:34 +02:00
Emanuel Duss 3e5b367224 Added CORS Exploit when wildcard origin is allowed 2020-04-12 15:06:28 +02:00
Emanuel Duss f120024c6b Added CORS exploitation with strict trusted origin whitelist using XSS 2020-04-12 14:57:04 +02:00
Emanuel Duss 48fcdeb7ca Some clarification in the exploit code 2020-04-12 14:38:52 +02:00
Emanuel Duss 4537555714 Added: CORS Misconfiguration with Null Origin allowed 2020-04-12 14:30:16 +02:00
Swissky dd42b44011
Merge pull request #179 from mindfuckup/master
Added: Cross-Site WebSocket Hijacking (CSWSH)
2020-04-11 18:26:22 +02:00
Emanuel Duss 930a3a0d8c Added: Cross-Site WebSocket Hijacking (CSWSH) 2020-04-11 16:24:32 +02:00
Swissky 89e49b676d
Merge pull request #178 from Techbrunch/patch-4
Create web.web.config
2020-04-08 19:26:31 +02:00
Techbrunch 5902da38e4
Create web.web.config
Source: https://gist.github.com/gazcbm/ea7206fbbad83f62080e0bbbeda77d9c
2020-04-08 19:14:30 +02:00
Swissky cea982c062 GraphQL Voyager - Represent any GraphQL API as an interactive graph 2020-04-04 22:33:28 +02:00
Swissky 6e7af5a267 Docker Registry - Pull/Download 2020-04-04 18:27:41 +02:00
Swissky f748af16d2
Merge pull request #176 from Anon-Exploiter/patch-1
Using JWT's module to encode payload with type `None`
2020-04-04 14:49:37 +02:00
Syed Umar Arfeen c9fcb58d57
Using JWT's module to encode payload with type `None`
Before the JWT was being encoded/decoded and that was done manually. The JWT's module does all that without manual decoding and splitting. 

This PR contains the code to encode the JWT token with type None while using JWT's library in python.
2020-04-04 16:03:56 +05:00
Swissky 78bd0867fe
Merge pull request #175 from 3rg1s/master
Update SQLite Injection.md
2020-04-04 02:22:44 +02:00
fuxsocy.py 009a2f9276
Update SQLite Injection.md
Added new link location for the pdf.
2020-04-03 23:15:05 +00:00
Swissky b5cc379c4b
Merge pull request #173 from SakiiR/sakiir
Added filter(system) twig RCE
2020-03-30 09:28:58 +02:00
SakiiR SakiiR 38c273ff00 Added IFS (WAF bypass) to Symfony Twig RCE 2020-03-29 23:23:26 +02:00
SakiiR SakiiR 8b78c2fe71 Added filter(system) twig RCE 2020-03-29 23:19:27 +02:00
Swissky 231e41a59b Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings 2020-03-29 22:35:26 +02:00
Swissky 268d85b4bf Symfony SSTI Twig RCE 2020-03-29 22:34:26 +02:00
Swissky 0ba5ad3e71
Merge pull request #172 from bash-c/patch-1
Delete unnecessary escape characters
2020-03-29 20:23:25 +02:00
M4x 1d299f55c9
Delete unnecessary escape characters
`whoami` has already been wrapped in backquotes. There is no need to use escape characters again
2020-03-29 23:40:39 +08:00
Swissky be8f32b586 Docker escape and exploit 2020-03-29 16:48:09 +02:00
Swissky 95ab07b45e CloudTrail disable, GraphQL tool 2020-03-28 12:01:56 +01:00
Swissky d489597357
Merge pull request #169 from guenicoe/patch-1
added cmd on the USOSVC vuln
2020-03-24 21:17:37 +01:00
guenicoe a3cc577ebd
added cmd on the USOSVC vuln
Added `cmd \c C:\Users\nc.exe` as not typing `cmd \c` did not work for me. Might need even more explanation
2020-03-24 20:15:59 +00:00
Swissky 173366dc65
Merge pull request #167 from PixeLInc/patch-1
Remove example from win priv esc
2020-03-23 23:27:10 +01:00
PixeL 1b190939c4
Remove example from win priv esc
This example was used on hackthebox where it leaked the root flag of a machine on free servers.
This resulted in every user being able to get the root flag before they have even completed the box which isn't fair to others.

This example should either be changed or removed completely to combat copy-pasting without knowing what you're doing.
2020-03-23 17:17:42 -05:00
Swissky 6c38274bdb
Merge pull request #166 from fanixk/patch-1
Update Windows - Privilege Escalation.md
2020-03-22 21:56:05 +01:00
Fanis Katsimpas 2bdbb2dbc5
Update Windows - Privilege Escalation.md
Make powershell on EoP - Runas easier to copy paste
2020-03-22 19:25:35 +00:00
Swissky 4303caa08c README - Summary update 2020-03-19 12:03:32 +01:00
Swissky 1538ccd7f2 Gaining AWS Console Access via API Keys 2020-03-19 11:59:49 +01:00
Swissky 57b500b48e
Merge pull request #165 from HLOverflow/master
More Bash tricks to bypass Command Injection filtering
2020-03-14 18:45:55 +01:00
HLOverflow 97dffcdc40
Update README.md 2020-03-15 01:11:47 +08:00
HLOverflow 3e184c10f9
Added additional character filter bypasses 2020-03-15 01:09:28 +08:00