PayloadsAllTheThings

wanderer/PayloadsAllTheThings

Fork 0

mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2025-04-20 12:37:58 +02:00

Commit Graph

Select branches

Hide Pull Requests

gh-pages

master

#10

#100

#101

#102

#103

#105

#106

#107

#108

#109

#110

#111

#112

#113

#114

#115

#116

#117

#118

#119

#120

#121

#122

#123

#124

#125

#127

#128

#129

#13

#130

#131

#132

#134

#135

#136

#137

#138

#139

#142

#143

#145

#146

#148

#149

#15

#150

#151

#152

#154

#155

#156

#157

#158

#159

#162

#163

#164

#165

#166

#167

#169

#17

#171

#172

#173

#174

#175

#176

#178

#179

#18

#180

#181

#182

#183

#186

#187

#188

#19

#190

#191

#192

#193

#196

#197

#198

#2

#20

#200

#201

#202

#204

#206

#207

#208

#209

#21

#210

#213

#214

#215

#216

#217

#218

#219

#22

#220

#221

#223

#224

#225

#226

#227

#229

#23

#230

#231

#233

#234

#235

#236

#237

#238

#239

#24

#240

#241

#242

#243

#244

#246

#247

#248

#249

#25

#250

#251

#253

#254

#255

#257

#258

#259

#26

#260

#261

#262

#263

#264

#265

#266

#267

#268

#269

#27

#270

#271

#272

#273

#274

#275

#276

#277

#278

#279

#28

#280

#281

#282

#283

#284

#285

#287

#288

#289

#29

#290

#291

#292

#293

#294

#296

#297

#3

#30

#302

#304

#305

#306

#307

#308

#309

#310

#311

#312

#313

#314

#315

#316

#319

#32

#320

#322

#323

#324

#325

#326

#327

#328

#329

#330

#331

#332

#333

#334

#335

#336

#338

#339

#34

#341

#343

#345

#346

#348

#349

#35

#350

#351

#352

#353

#354

#355

#356

#358

#36

#360

#361

#362

#365

#366

#367

#37

#370

#371

#374

#375

#376

#377

#378

#379

#38

#381

#383

#384

#386

#387

#388

#389

#39

#395

#396

#397

#398

#399

#40

#400

#401

#402

#403

#404

#405

#406

#407

#408

#409

#41

#410

#411

#412

#413

#414

#415

#416

#417

#418

#419

#42

#420

#421

#422

#423

#424

#425

#426

#427

#428

#429

#43

#430

#431

#432

#433

#434

#435

#436

#437

#438

#439

#44

#440

#441

#442

#443

#444

#445

#446

#447

#448

#449

#45

#450

#451

#452

#453

#454

#455

#456

#457

#458

#46

#460

#461

#462

#463

#464

#465

#466

#467

#468

#469

#47

#470

#471

#472

#473

#474

#475

#476

#477

#478

#479

#48

#480

#481

#482

#483

#484

#485

#486

#487

#488

#489

#49

#490

#491

#492

#493

#494

#495

#496

#497

#498

#499

#50

#500

#501

#502

#503

#504

#505

#506

#507

#508

#509

#510

#511

#512

#513

#514

#515

#516

#517

#518

#519

#52

#520

#521

#522

#523

#524

#525

#526

#527

#528

#529

#53

#530

#531

#532

#533

#534

#535

#536

#537

#538

#539

#54

#540

#541

#541

#542

#543

#544

#545

#546

#547

#548

#549

#55

#550

#551

#552

#553

#554

#555

#556

#557

#558

#559

#56

#560

#561

#562

#563

#564

#565

#566

#567

#568

#569

#57

#570

#571

#572

#573

#574

#575

#576

#577

#578

#579

#58

#580

#580

#581

#582

#583

#584

#585

#586

#587

#588

#589

#590

#591

#592

#593

#594

#595

#596

#597

#598

#599

#6

#60

#600

#601

#602

#603

#604

#604

#605

#606

#607

#608

#609

#61

#610

#611

#612

#613

#614

#615

#616

#617

#618

#619

#62

#620

#621

#622

#623

#624

#625

#626

#627

#628

#629

#63

#630

#631

#631

#632

#633

#634

#635

#636

#637

#638

#639

#64

#640

#641

#642

#643

#644

#645

#646

#647

#648

#649

#65

#650

#651

#652

#653

#654

#655

#655

#656

#657

#658

#659

#66

#660

#661

#662

#663

#664

#665

#666

#667

#668

#669

#67

#670

#671

#672

#673

#674

#675

#676

#677

#677

#678

#679

#680

#681

#682

#683

#684

#685

#686

#687

#688

#689

#690

#691

#692

#693

#694

#695

#696

#697

#698

#699

#7

#70

#700

#701

#702

#703

#704

#705

#706

#706

#707

#708

#709

#71

#710

#711

#712

#713

#714

#715

#716

#717

#718

#719

#719

#72

#720

#720

#721

#722

#723

#724

#725

#726

#727

#728

#729

#73

#730

#731

#732

#733

#734

#735

#736

#736

#737

#738

#739

#740

#740

#741

#741

#742

#743

#744

#745

#746

#747

#748

#749

#75

#750

#751

#752

#753

#754

#755

#756

#757

#758

#759

#76

#760

#760

#761

#762

#763

#763

#764

#765

#766

#766

#767

#768

#769

#770

#770

#771

#772

#773

#774

#774

#775

#775

#776

#776

#79

#8

#8

#82

#83

#85

#86

#87

#88

#92

#93

#94

#96

#97

#98

#99

1.0

2.0

2.1

3.0

4.0

4.1

dab064a583

adding reference to blog Lewis 2019-07-12 12:49:02 -0700
504caa3b50 SSTI by calling Popen without guessing the offset Swissky 2019-07-10 21:31:44 +0200
bdef021a6d Magic Hashes SHA224 and SHA256 Swissky 2019-07-10 21:26:24 +0200
05054af343 JWT RS256 to HS256 using pubkey to generate a signature Swissky 2019-07-10 20:58:50 +0200
6cecb8fa7a GraphQL - Projection + Edges/Nodes Swissky 2019-07-05 21:34:04 +0200
f6564869f0 Fix typo in PHP Object injection 2.1 Swissky 2019-07-05 18:42:42 +0200
13ba72f124 GraphQL + RDP Bruteforce + PostgreSQL RCE Swissky 2019-07-01 23:29:29 +0200
46780de750 PostgreSQL rewrite + LFI SSH Swissky 2019-06-29 19:23:34 +0200
144b3827ab MS14-068 + /etc/security/opasswd Swissky 2019-06-29 17:55:13 +0200
3b85f1b6fc UTF-8 encoding for File Inclusion Swissky 2019-06-29 11:20:17 +0200
b148a9c906

Merge pull request #76 from ElonSalfati/master Swissky 2019-06-28 17:30:12 +0200
a4411ae086

Added 2 working sql injection lines Elon Salfati 2019-06-28 18:16:45 +0300
7dda79bfc1 ImageMagik Ghost Script + Typo git summary Swissky 2019-06-26 00:07:06 +0200
1cec6e9a35

Merge pull request #75 from scarvell/master Swissky 2019-06-24 14:32:11 +0200
601db0e188 Added freemarker PoC that doesn't require spaces or tags Brendan Scarvell 2019-06-24 21:38:56 +1000
9be62677b6 Add root user + PHP null byte version Swissky 2019-06-24 00:21:39 +0200
c3f96c6753 GraphQL injection : blind nosqli + sqli Swissky 2019-06-21 17:01:43 +0200
9745e67465 HQL Injection + references update Swissky 2019-06-16 23:45:52 +0200
6921cde15c

Merge pull request #73 from ahhh/patch-1 Swissky 2019-06-12 00:14:08 +0200
24a05c7098

Update Windows - Privilege Escalation.md Dan Borges 2019-06-11 11:51:09 -0700
8cec2e0ca3 Linux PrivEsc - Writable files Swissky 2019-06-10 11:09:02 +0200
94a60b43d6 Writable /etc/sudoers + Meterpreter autoroute Swissky 2019-06-10 11:00:54 +0200
a85fa5af28 Local File Include : rce via mail + kadimus Swissky 2019-06-10 00:05:47 +0200
5d4f65720a PrivEsc - Common Exploits Swissky 2019-06-09 20:53:41 +0200
e8cd11f88f plink + sshuttle : Network Pivoting Techniques Swissky 2019-06-09 18:13:15 +0200
adcea1a913 Linux PrivEsc + SSH persistency Swissky 2019-06-09 16:05:44 +0200
f5a8a6b62f Meterpreter shell Swissky 2019-06-09 14:26:14 +0200
93f6c03b54 GraphQL + LXD/etc/passwd PrivEsc + Win firewall Swissky 2019-06-09 13:46:40 +0200
00f50c5f32

Merge pull request #72 from h1-ragnar/patch-1 Swissky 2019-06-06 19:03:17 +0200
edcac293a8

Cloudflare XSS Bypasses by Bohdan Korzhynskyi h1-ragnar 2019-06-05 21:36:41 +0300
b031115588

Merge pull request #71 from jonasw234/master Swissky 2019-05-30 12:33:24 +0200
f5702467d6 Add nginx log files for LFI log poisoning Jonas Wendorf 2019-05-30 12:01:24 +0200
f88da43e1c SQL informationschema.processlist + UPNP warning + getcap -ep Swissky 2019-05-25 18:19:08 +0200
b1a05d1aab

Create License Swissky 2019-05-25 16:27:35 +0200
72c96ade44

Merge pull request #70 from AlexisVLRT/master Swissky 2019-05-24 17:37:39 +0200
506014dd5f

Some link's markdown was broken Alexis VIALARET 2019-05-24 17:15:33 +0200
9c2e63818f XSS without parenthesis, semi-colon + Lontara Swissky 2019-05-15 21:55:17 +0200
cc8c7b3e70 Fix YOUTUBE and BOOKS links Swissky 2019-05-12 22:59:22 +0200
698cc52eaa README rewrite : BOOKS and YOUTUBE Swissky 2019-05-12 22:43:42 +0200
b81df17589 RFI - Windows SMB allow_url_include = "Off" Swissky 2019-05-12 22:23:55 +0200
bab04f8587 Masscan + AD password in description + ZSH revshell bugfix + Mimikatz lsass.dmp Swissky 2019-05-12 21:34:09 +0200
765c615efe XSS injection Summary + MSF web delivery Swissky 2019-05-12 14:22:48 +0200
6bc297252a

Merge pull request #67 from roman-mueller/master Swissky 2019-05-08 01:27:16 +0200
403cb4ef65 Remove http:// prefix for DNS queries Roman Mueller 2019-05-07 18:14:49 +0200
2b3f07236b XSLT in SAML Swissky 2019-04-28 13:06:59 +0200
d0f14cbfde

Merge pull request #66 from cclauss/patch-1 Swissky 2019-04-27 01:02:09 +0200
a458cb397d

Use print() function in both Python 2 and Python 3 cclauss 2019-04-26 14:35:16 -0400
bd861e304f

Merge pull request #65 from noraj/patch-1 Swissky 2019-04-25 01:16:36 +0200
0ccccd0fea

add JSON headers Alexandre ZANNI 2019-04-24 22:59:24 +0200
5bb27ee889 SSRF Google Cloud - add ssh key Swissky 2019-04-22 11:35:07 +0200
4d3ee90eec Command injection rewritten Swissky 2019-04-21 19:50:50 +0200
81f93a19c2 SSRF AWS Elastic Beanstak Swissky 2019-04-21 18:51:32 +0200
aac5a57932

Merge pull request #64 from noraj/patch-1 Swissky 2019-04-21 14:12:06 +0200
9dfd7835ea mitm6 + ntlmrelayx Swissky 2019-04-21 14:08:18 +0200
e467d6096a

add nosqli GET example Alexandre ZANNI 2019-04-21 13:00:16 +0200
49b9d0aff7 MSQL UDF sys_exec + SSRF IP: 127.1 and 127.0.1 Swissky 2019-04-20 20:23:40 +0200
271cc269b6

Merge pull request #63 from BillyNoGoat/patch-1 Swissky 2019-04-16 18:55:29 +0200
e0dbfc1578

Fixed link for google CSP bypass BillyNoGoat 2019-04-16 11:37:59 +0100
13864bde04 GoGitDumper + MySQL summary rewrite Swissky 2019-04-15 00:49:56 +0200
b4633bbb66 sudo_inject + SSTI FreeMarker + Lin PrivEsc passwords Swissky 2019-04-14 21:01:14 +0200
b8e74fe0ba Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings Swissky 2019-04-14 19:48:36 +0200
c66197903f MYSQL Truncation attack + Windows search where Swissky 2019-04-14 19:46:34 +0200
ee00dc1803

Merge pull request #62 from PwnFunction/patch-1 Swissky 2019-04-13 14:03:43 +0200
4c6f9e21e9

Bypass using IPv6/IPv4 Address Embedding PwnFunction 2019-04-13 17:06:06 +0530