wanderer/ PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-05-13 11:36:06 +02:00
Code Issues Releases Activity
1,291 Commits 2 Branches 5 Tags 48 MiB
Commit Graph

1291 Commits

Author SHA1 Message Date
Alexandre ZANNI e0f851e6e9
NoSQLi: add POST with urlencoded body 2021-11-07 17:49:50 +01:00
Swissky 7d9dd6806e Powershell Cheatsheet 2021-11-06 19:14:47 +01:00
Swissky 6ff9a71237
Merge pull request #456 from DanielGrunberger/master 
Add kubescape to kubernetes tools
 2021-11-02 12:26:23 +01:00
DanielGrunberger fb4775ce41
Add kubescape to kubernetes tools 2021-11-01 23:08:04 +02:00
Swissky 2daebdddff
Merge pull request #455 from h3xstream/master 
SQL injection various additions
 2021-11-01 10:38:44 +01:00
Philippe Arteau 4169e5d603
informa4on_schema => information_schema 
(Copy-paste error)
 2021-10-31 23:33:58 -04:00
Philippe Arteau 6c5e790234
SQLi: Whitespace alternatives + WAF Bypass 2021-10-31 23:25:08 -04:00
Swissky 1c8067a150 Relaying with WebDav Trick + Shadow Credential 2021-10-30 21:04:23 +02:00
Swissky 9d0efb90ea
Merge pull request #454 from seadog007/patch-1 
Fixed typo
 2021-10-30 11:04:18 +02:00
Swissky c62fd81dad
Merge pull request #453 from h3xstream/master 
Few filename fixes to allow Windows checkout
 2021-10-30 11:03:57 +02:00
Li-Heng Yu b223c66689
Fixed typo 2021-10-30 11:44:33 +08:00
Philippe Arteau 9d30f792d4
Remove filename with special characters. 
The filename are already covered in `XSS Injection/README.md`
 2021-10-29 12:56:55 -04:00
Philippe Arteau 16986febde
Remove filename with special characters. 
The filename are already covered in `XSS Injection/README.md`
 2021-10-29 12:56:41 -04:00
Philippe Arteau 7443da045a
Remove filename with special characters. 
The filename are already covered in `XSS Injection/README.md`
 2021-10-29 12:56:25 -04:00
Philippe Arteau 17e2833f1d Rename file with less than symbol. 2021-10-29 12:26:45 -04:00
Swissky e9c8953249
Merge pull request #452 from llamasoft/patch-1 
Update Kubernetes readme.md
 2021-10-29 10:04:57 +02:00
Marcus T ab9e266b37
Update Kubernetes readme.md 
Adds information about container environments, service accounts, and volumes
 2021-10-28 19:28:01 -04:00
Swissky ee03092eec
Merge pull request #451 from marcan2020/DNS-rebinding 
DNS rebinding
 2021-10-27 22:42:24 +02:00
marcan2020 0803cb04ee
Merge branch 'swisskyrepo:master' into DNS-rebinding 2021-10-27 16:20:23 -04:00
marcan2020 f26844f083 Add DNS rebinding 2021-10-27 16:19:56 -04:00
Swissky e3373dd108 UnPAC The Hash + MachineKeys.txt 2021-10-26 21:56:39 +02:00
Swissky add722d1c2
Merge pull request #450 from ahronmoshe/patch-3 
Update README.md
 2021-10-26 21:51:41 +02:00
ahronmoshe a26867fdf9
Update README.md 2021-10-26 20:35:04 +03:00
Swissky 1a3058f40c Device Code Phish 2021-10-24 20:07:46 +02:00
Swissky d484212de9
Merge pull request #447 from mschader/patch-5 
Update XXE Injection
 2021-10-18 12:39:53 +02:00
Markus 46aabc8c8c
Update XXE Injection 
Slight QOL improvements for the recent changes of the chapter `XXE inside XLSX file`
 2021-10-18 10:13:30 +02:00
Swissky 220e0efef6
Merge pull request #446 from noraj/patch-1 
XXE: OOB via FTP + remote DTD for XSLX files
 2021-10-17 18:52:17 +02:00
Alexandre ZANNI d19b843111
XXE: OOB via FTP + remote DTD for XSLX files 
better than the HTTP method, must robust approach, easier zip repackaging
 2021-10-17 18:00:00 +02:00
Swissky 7e18158c3b
Merge pull request #444 from mschader/patch-4 
Update Windows - Persistence.md
 2021-10-14 09:51:35 +02:00
Markus 6584df310f
Update Windows - Persistence.md 
Add example to `disable windows defender` which uses MpCmdRun.exe to reset the current definitions. I recently used this and it was sufficient, that defender did not recognize previously flagged malicious files. It is quite helpful in case, that Set-MpPreference is not present or that the attacker is not allowed to adjust the service.
 2021-10-14 08:53:25 +02:00
Swissky 45821c00ea
Merge pull request #443 from Flower-dev/master 
add links books
 2021-10-12 21:03:23 +02:00
Flower Dev 1984797f96 add links books 2021-10-12 20:33:31 +02:00
Swissky d2ca8d8016
Merge pull request #442 from Flower-dev/master 
BOOKS.md : new books
 2021-10-12 20:21:34 +02:00
Flower Dev f6ba0ddbff BOOKS.md : new books 2021-10-12 20:17:52 +02:00
Swissky 9688e6e88e
Merge pull request #441 from marcan2020/patch-12 
Update breakout techniques
 2021-10-11 23:13:38 +02:00
marcan2020 39a89e937a
Update breakout techniques 
- Add a section on unassociated protocols
- Add paths to access filesystem via the address bar
- Fix Stick Keys link
- Fix Task Manager shortcut
- Add reference to HackTricks
 2021-10-11 13:53:19 -04:00
Swissky 440b8d825e
Merge pull request #440 from mschader/patch-3 
Update Hash Cracking Methodology
 2021-10-11 18:11:48 +02:00
Markus d1345b0016
Update Hash Cracking Methodology 
Add some structure to add additional tools.
Fix some typo.
Add online resources for cracking password hashes.
 2021-10-11 17:08:46 +02:00
Swissky 6c48d0ae49
Merge pull request #438 from mschader/patch-2 
Update directory traversal wordlist
 2021-10-11 10:13:43 +02:00
Markus 7e737baa23
Update directory traversal wordlist 
Update the intruder wordlist to include CVE-2021-42013 (Traversal/RCE into Apache 2.4.49/2.4.50).
Also add some depth to the current fuzzing payloads to not miss /cgi-bin directories which are located deeper than 4 subdirectories.
 2021-10-11 10:11:10 +02:00
Swissky 0a10a4d029
Merge pull request #437 from swisskyrepo/hash-cracking 
Hash Cracking v0.1
 2021-10-10 23:06:18 +02:00
Swissky 883c35a9e5 Hash Cracking v0.1 2021-10-10 23:05:01 +02:00
Swissky c664a0ee09
Merge pull request #436 from stefanman125/patch-1 
Added CVE-2021-41773 payload
 2021-10-06 21:16:19 +02:00
Stefan e4a1217200
Added CVE-2021-41773 payload 2021-10-06 11:10:25 -04:00
Swissky 382a6d57e2
Merge pull request #435 from p0dalirius/patch-2 
Fixed typos, added links and better formatting in Active Directory Attack.md
 2021-10-06 10:17:38 +02:00
p0dalirius 09b1b8984a Update Active Directory Attack.md 2021-10-06 09:05:49 +02:00
p0dalirius 8045496946 Update Active Directory Attack.md 2021-10-06 08:59:13 +02:00
p0dalirius 19b4bee7a0 Update Active Directory Attack.md 2021-10-06 08:54:16 +02:00
p0dalirius e0b8bee5a6 Update Active Directory Attack.md 2021-10-06 08:45:44 +02:00
p0dalirius 25b6003229 Update Active Directory Attack.md 2021-10-06 08:29:59 +02:00