wanderer/ PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-05-28 18:16:19 +02:00
Code Issues Releases Activity
1,701 Commits 2 Branches 5 Tags 48 MiB
Commit Graph

88 Commits

Author SHA1 Message Date
Swissky 14cc88371d WSL + RDP Passwords + MSPaint Escape 2023-02-11 17:49:55 +01:00
Swissky 514ac98dac SSRF + XSS details + XXE BOM 2022-12-13 22:29:20 +01:00
Swissky 3e9ef2efbe ADFS Golden SAML 2022-11-07 10:10:21 +01:00
Swissky 2227472e1c .NET formatters and POP gadgets 2022-11-03 21:31:50 +01:00
Fabian S. Varon Valencia 8136e462c2 remove old link, I can't find a replacement url 2022-10-26 20:36:52 -05:00
Fabian S. Varon Valencia 3822c27634 update old url's 2022-10-26 20:36:15 -05:00
Cory Cline a8d8434756
Shortened payload 
Make payload shorter.
 2022-10-13 19:48:20 -05:00
Cory Cline fbed4254e5
Fixed an oops 
Somehow I deleted line 120 in a prior commit. Fixed.
 2022-10-13 18:52:07 -05:00
Cory Cline 9ee8f092cd
Changed link for document.cookie blacklist 
Link was not working due to use of period in title.
 2022-10-13 18:46:52 -05:00
Cory Cline 9a42be1113
Replaced console.log with alert 
It's more common to want alert screenshots vs console screenshots.
 2022-10-13 18:45:55 -05:00
Cory Cline f23f28c4e2
Shortened payload 
Shortened the document.cookie blacklist bypass payload.
 2022-10-13 18:43:54 -05:00
Cory Cline 5d561ea7d6
Added document.cookie blacklist bypass 
Added an alternative to document.cookie for situations when this text is blacklisted.
 2022-10-13 18:23:36 -05:00
clem9669 2aa353a5b9
Update XSS_Polyglots.txt 
Adding the latest BruteLogic polyglot
 2022-10-05 09:45:15 +00:00
Deep Dhakate a670a26eea Update 2022-10-02 06:13:01 +00:00
clem9669 88134256c8
Adding brutelogic polyglot 
Adding brutelogic polyglot from blog post.
 2022-09-13 11:58:10 +00:00
Swissky d24e3f2d61
Merge pull request #497 from kz-cyber/xss/angular-xss-2 
[update] Angular XSS payload
 2022-09-07 00:34:29 +02:00
its0x08 31b213227e fix: Fix more spelling 2022-08-09 11:05:40 +02:00
its0x08 fc1f3b25a7 fix: Fix spelling 2022-08-09 11:02:21 +02:00
khiemtq-cyber 507c493db2 Update Angular XSS 2022-05-07 12:55:15 +07:00
idealphase 6738f878f3
Updated README.md 
Added References: Bypassing Signature-Based XSS Filters: Modifying Script Code
 2022-04-19 10:45:32 +07:00
idealphase de532030df
Merge branch 'swisskyrepo:master' into master 2022-04-19 10:43:04 +07:00
Swissky 85a50869f2
Merge pull request #482 from khiemtq-cyber/xss/angular-xss-1 
[update] Angular XSS payload
 2022-04-18 21:01:44 +02:00
Ooggle 39d1c6e7d8
Add document blacklist bypass 2022-04-09 12:55:21 +02:00
ktq-cyber 5d898e004f [update] Angular XSS payload 2022-02-23 22:26:16 +07:00
idealphase e9eac5ca59
Update README.md 2021-11-10 22:40:40 +07:00
idealphase 6c7df7dc4e
Update README.md 
Add Bypass dot filter
 2021-11-10 22:38:02 +07:00
Philippe Arteau 9d30f792d4
Remove filename with special characters. 
The filename are already covered in `XSS Injection/README.md`
 2021-10-29 12:56:55 -04:00
Philippe Arteau 16986febde
Remove filename with special characters. 
The filename are already covered in `XSS Injection/README.md`
 2021-10-29 12:56:41 -04:00
Philippe Arteau 7443da045a
Remove filename with special characters. 
The filename are already covered in `XSS Injection/README.md`
 2021-10-29 12:56:25 -04:00
Markus 7996b4f905
Update XSS README.md 
Remove unnecessary complexity from CSP bypass payload
 2021-10-01 16:10:23 +02:00
Lorenzo Grazian 7369ee28b3
Added XSS <object> payload 2021-09-02 15:14:29 +02:00
Swissky 1e85308ae2
Merge pull request #395 from daffainfo/patch-1 
Adding Cloudflare XSS payload
 2021-08-25 22:21:54 +02:00
Swissky f89597725a
Merge pull request #416 from Bort-Millipede/master 
Expression Language Injection One-Liners; XSS Payload; Fixed Linux Py…
 2021-08-25 22:17:53 +02:00
Alexandre ZANNI 4791962be5
document.domain, window.origin and console.log usage 2021-08-24 20:29:02 +02:00
Jeffrey Cap 9bde75b32d Expression Language Injection One-Liners; XSS Payload; Fixed Linux Python IPv6 Reverse Shell Payload 2021-08-23 14:41:40 -05:00
Swissky 87be30d3b2 DB2 Injection + ADCS 2021-08-10 23:00:19 +02:00
Xib3rR4dAr ae98d629f0
Update README.md 
Removed duplicates.
 2021-08-04 09:29:24 +05:00
Swissky 1fd9260d1e
Update README.md 2021-07-31 11:28:23 +02:00
c14dd49h ee12f8e480
Update README.md 2021-07-22 16:55:03 +02:00
c14dd49h eddc716d8c
Update README.md 2021-07-22 14:47:36 +02:00
Muhammad Daffa 2b6c3cb360
Adding Cloudflare XSS payload 2021-07-15 12:48:02 +07:00
PinkDev1 21c1690adf
Fixed typo on "Tips" section 2021-06-16 19:24:17 +00:00
Swissky 62b897c936
Merge pull request #376 from noraj/patch-2 
XSS: add quick tips for bXSS
 2021-06-16 13:56:29 +02:00
Alexandre ZANNI c469236204
XSS: add quick tips for bXSS 2021-06-16 13:25:46 +02:00
Alexandre ZANNI 8547ac7dfc
XSS: remove bluelotus 
the project is empty
 2021-06-16 13:18:08 +02:00
Swissky 08b59f2856 AD update CME+DCOM 2021-04-21 22:27:07 +02:00
linoskoczek 825295e465
Update README.md 
Fix broken links in Summary
 2021-03-18 19:16:59 +00:00
lapolis_aka_blu 6f758ba6c0
Added closing bracket in unicode full width bypass 
Yeah I know it is logic to use it if you really need the closing tag. But having both brackets in your repo makes it quicker to copy paste :D
 2021-01-15 16:38:51 +00:00
Swissky f7e8f515a5 Application Escape and Breakout 2020-12-17 08:56:58 +01:00
Max Boll 2a65064d15 little update 2020-10-27 14:10:35 +01:00