wanderer/ PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-06-04 12:46:21 +02:00
Code Issues Releases Activity
742 Commits 2 Branches 5 Tags 52 MiB
Commit Graph

742 Commits

Author SHA1 Message Date
Myo Soe eac33e7e10
Added new payloads 
Added new payloads from https://www.hahwul.com/p/ssrf-open-redirect-cheat-sheet.html

http://google.com\www.whitelisteddomain.tld
http://google.com&www.whitelisteddomain.tld
http:///////////google.com
\\google.com
http://www.whitelisteddomain.tld.google.com
 2019-11-14 18:26:35 +08:00
Swissky 6ca8aa8acc
Merge pull request #123 from bash-c/patch-1 
fix invalid link
 2019-11-14 10:25:54 +01:00
M4x 221b353030
fix invalid link 2019-11-14 16:59:52 +08:00
Swissky 43f185d289 CVE-2019-1322 UsoSvc 2019-11-11 20:31:07 +01:00
Swissky f6d5221a85 SID history break trust + Powershell history + SCF files 2019-11-07 23:21:00 +01:00
Swissky 6fecedd880 MXSS - Mutated XSS - Google POC 2019-11-06 18:32:29 +01:00
Swissky 24516ca7a1 Kubernetes attacks update + ref to securityboulevard 2019-11-05 11:05:59 +01:00
Swissky 60050219b7 Impersonating Office 365 Users on Azure AD Connect 2019-11-04 21:43:44 +01:00
Swissky 4eae23a43d
Merge pull request #122 from noraj/patch-4 
XXE: tools description + more tools
 2019-11-04 09:11:26 +01:00
Swissky adaa93b4b8
Merge pull request #121 from noraj/patch-3 
add ref for docker SSRF
 2019-11-04 09:10:46 +01:00
Alexandre ZANNI e3604c01d7
XXE: tools description + more tools 2019-11-04 01:58:15 +01:00
Alexandre ZANNI 54c94e0398
add ref for docker SSRF 2019-11-03 23:50:58 +01:00
Alexandre ZANNI 64f8f4d869
add ref for docker SSRF 2019-11-03 23:49:36 +01:00
Swissky 3585b1f00f
Merge pull request #120 from cydave/patch-1 
Fix awk snippet
 2019-11-03 17:54:52 +01:00
Dave 775d10c256
Fix awk snippet 
A small typo in the awk one-liner prevents successful execution of the command.

```
awk: cmd. line:1: warning: remote host and port information (10.0.0.1>, 4242) invalid: Name or service not known
awk: cmd. line:1: fatal: can't open two way pipe `/inet/tcp/0/10.0.0.1>/4242' for input/output (No such file or directory)
```

This commit fixes this :)
 2019-11-03 16:07:16 +00:00
Alexandre ZANNI 83f46a22e3
add XXE via SVG rasterization 2019-11-02 00:54:48 +01:00
Swissky 952b3c0369
Merge pull request #119 from Hi15358/master 
Updated Insecure Deserialization/Java.md and Created Zip Slip in Upload Insecure Files
 2019-10-30 09:05:22 +01:00
Hi15358 83569c6142
Update and rename ReadMe.txt to README.md 2019-10-30 12:07:50 +08:00
Hi15358 5fec4f7c21
Update Java.md 2019-10-30 11:36:09 +08:00
Hi15358 5f31044ae3
Create ReadMe.txt 2019-10-30 11:24:56 +08:00
Hi15358 bd121bfccb
Delete Readme 2019-10-30 11:24:35 +08:00
Hi15358 b36e5262bd
Create Readme 2019-10-30 11:19:52 +08:00
Hi15358 757e1c107e
Merge pull request #2 from swisskyrepo/master 
Update
 2019-10-30 11:18:36 +08:00
Swissky 069463fe14
Merge pull request #117 from Reelix/patch-1 
Added an alternate possible Found condition to POST
 2019-10-29 21:06:35 +01:00
Swissky 535ad5baaa
Merge pull request #118 from cydave/cydave-patch-1 
Fix lua reverse shell quote issue
 2019-10-29 21:06:07 +01:00
Dave 6b22d53257
Fix lua reverse shell quote issue 
The single quotes around `io.popen` prevented the one-liner to be executed.
This change should fix that :)
 2019-10-29 19:31:07 +00:00
Reelix 694e9e4dbd
Added an alternate possible Found condition to POST 2019-10-29 21:11:56 +02:00
Swissky 55d1731897
Merge pull request #116 from nizam0906/master 
Added More Updates in SQL Injection
 2019-10-29 17:11:28 +01:00
nizam0906 d41e0d33bd
Added Summary in Hibernate Query Language Injection 2019-10-29 19:47:42 +05:30
nizam0906 4d94e553b9
Added Summary in Cassandra Injection 2019-10-29 19:42:49 +05:30
nizam0906 fe8c7be2fb
Fixed Broken Links in SQL injection README.md 2019-10-29 19:33:09 +05:30
nizam0906 a69c2acb7d
Added Summary in SQLite Injection 2019-10-29 19:22:49 +05:30
nizam0906 4b1f7e629d
Fixed Broken Links in PostgreSQL Injection 2019-10-29 19:06:41 +05:30
nizam0906 20d6599772
Added Summary 2019-10-29 18:57:33 +05:30
nizam0906 ca59b1d217
Fixed Broken Links in MSSQL Injection 
Fixed Broken Links in MSSQL Injection
 2019-10-29 18:44:28 +05:30
nizam0906 a33dce0d60
Fixed Broken Links 2019-10-29 18:25:00 +05:30
nizam0906 7d6fab92fa
Update Detect columns number 
Using SELECT * FROM SOME_EXISTING_TABLE Error Based
 2019-10-29 18:11:58 +05:30
nizam0906 614e8a97b9
Updated Detect columns number 
Detect columns number using LIMIT INTO Error Based
 2019-10-29 16:48:11 +05:30
nizam0906 f81f9440b8
Added More Ways to Detect columns number 
using order by or group by
using order by or group by error based
using UNION SELECT Error Based
 2019-10-29 16:32:22 +05:30
Swissky b7fdf8aa3f
Merge pull request #106 from Hi15358/master 
Update Reverse Shell Cheatsheet.md and Directory Traversal
 2019-10-29 10:14:07 +01:00
Hi15358 34d8853728
Merge pull request #1 from Hi15358/patch-1 
Patch 1
 2019-10-29 16:30:58 +08:00
Hi15358 bb7e6b7cd0
Update README.md 2019-10-29 16:23:39 +08:00
Swissky 377aad4061
Merge pull request #115 from nizam0906/master 
Added List Database Administrator Accounts
 2019-10-29 08:36:01 +01:00
Swissky b25694239b
Merge pull request #114 from noraj/patch-1 
XXE: add XXEinjector
 2019-10-29 08:35:31 +01:00
nizam0906 bb2c247160
Added List Database Administrator Accounts 
SELECT datname FROM pg_database
 2019-10-29 10:32:39 +05:30
Alexandre ZANNI 52119907f6
add XXEinjector 2019-10-29 00:41:04 +01:00
Swissky 5094ef8b10 XXE in XLSX 2019-10-28 20:46:19 +01:00
Swissky 534d46d0e4
Merge pull request #113 from Q5Ca/patch-1 
Add bypass WAF no equal using BETWEEN
 2019-10-28 18:21:26 +01:00
Swissky be3ef08d19
Merge pull request #112 from nizam0906/master 
Added More PostgreSQL Injection Queries And Blind XSS endpoint
 2019-10-28 18:20:54 +01:00
duongdpt 135af74acd
Update README.md 
Add bypass waf using BETWEEN
 2019-10-28 22:26:28 +07:00