Mirrors/PayloadsAllTheThings
6
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings synced 2024-07-03 08:58:17 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,893 Commits 2 Branches 5 Tags 37 MiB
12c6531ad2
Commit Graph

1893 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Swissky
12c6531ad2 README - Update links to Internal All The Things 2024-01-12 16:18:36 +01:00
Swissky
c852118ec8 Web Cache Deception + phpt file format 2024-01-11 12:20:25 +01:00
Swissky
4b77292aeb
Merge pull request #704 from therealtoastycat/patch-1 
Adding reverse shell payload for OGNL
 2024-01-05 15:45:19 +01:00
ToastyCat
05f441accf
Update Reverse Shell Cheatsheet.md 
adding details
 2024-01-05 10:25:39 +01:00
Swissky
c6f96f7b2a
Merge pull request #703 from Aftab700/JSON-Prototype-Pollution 
adding the payload for Polluting the prototype via the `constructor`  property in JSON input
 2024-01-05 10:24:16 +01:00
Swissky
f96c1e4356
Merge pull request #701 from Vunnm/patch-1 
specify condition to perform Angular JS Injection
 2024-01-05 10:23:50 +01:00
ToastyCat
3d9363fdc9
Adding reverse shell payload for OGNL 2024-01-05 09:50:43 +01:00
Aftab Sama
08063f0830
adding the payload for Polluting the prototype via the constructor property in JSON input 
Somtimes `__proto__` property may not work, so adding the payload for Polluting the prototype via the `constructor` property in JSON input
 2024-01-03 17:24:28 +05:30
Vunnm
27d19813f8
specify condition to perform Angular JS Injection 
Indicate that ng-app in a root element is needed to inject Angular JS template. Injecting below payload without a root element with ng-app will not result in a successful injection
 2023-12-28 13:30:49 +01:00
Swissky
cbc6e78d2a SOCIAL - site url 2023-12-25 22:11:52 +01:00
Swissky
845fa52f8b SOCIAL - Cards 2023-12-24 14:05:50 +01:00
Swissky
5c42373a25 PHP filter prefix and suffix 2023-12-21 20:12:04 +01:00
Swissky
9fc0acc7e0
Merge pull request #700 from mschader/fix/ad-smbmap-fix-1 
Update Active Directory Attack.md
 2023-12-14 14:44:28 +01:00
Swissky
c579e6d043 Argument Injection 2023-12-14 14:38:39 +01:00
Markus
838d7c8c65
Update Active Directory Attack.md 
Change recursive parameter for smbmap as listed in the documentation
 2023-12-14 11:56:04 +01:00
Swissky
b07c5df892 CSS - Update style color + Blind SQL Oracle 2023-12-10 13:27:21 +01:00
Swissky
4a66a4ed25 CSS - Update style for Chrome 2023-12-04 10:46:10 +01:00
Swissky
1c42bfe5ca
Merge pull request #698 from m10x/master 
Added TInjA and the Template Injection Table
 2023-12-03 18:56:44 +01:00
Maximilian Hildebrand
db1357bb3c
Added TInjA and the Template Injection Table 
Both are novel tools to help Pentesters / Bug bounty hunters to detect template injections
 2023-12-03 13:15:47 +01:00
Swissky
57703ed7ed plocate and Azure AD updates 2023-12-01 22:21:05 +01:00
Swissky
bb71d4ad14
Merge pull request #696 from jenaye/PrintSpoofer 
[Add] - Priv esc windows (PrintSpoofer)
 2023-11-17 12:11:48 +01:00
enaylal
4684fed4aa add priv esc windows 2023-11-16 23:37:12 +01:00
Swissky
d93a228b40
Merge pull request #692 from jlkl/master 
Add two methods about LFI to RCE via PHP PEARCMD
 2023-11-12 18:21:16 +01:00
Swissky
3ba405954a
Merge pull request #693 from bountyhacking/patch-1 
Update README.md
 2023-11-12 18:20:38 +01:00
Swissky
711b44c6b0
Merge pull request #695 from hebelsan/patch-1 
latex injection add blacklist bypass
 2023-11-12 13:15:46 +01:00
Alexander Hebel
ae3f91c88a
latex injection add blacklist bypass 2023-11-12 11:13:41 +01:00
Swissky
d80068cc1b Privileged File Delete 2023-11-04 15:52:29 +01:00
Thomas Emerson Glucklich
49bc19e992
Update README.md 2023-11-01 11:32:31 -04:00
Swissky
46208ca898 Prompt Injection - RCE payloads 2023-11-01 13:56:38 +01:00
Swissky
ed081d7f29 Vulnerability Reports 2023-10-31 17:45:24 +01:00
Str3am
95a85b455d
Add two methods about LFI to RCE via PHP PEARCMD, and delete extra double quotes in method 2 payload 2023-11-01 00:35:59 +08:00
Str3am
072cac04d6
Add two methods about LFI to RCE via PHP PEARCMD 2023-11-01 00:26:27 +08:00
Swissky
156990a2c6
Merge pull request #691 from itsparakh/patch-1 
Update README.md
 2023-10-30 18:17:56 +01:00
itsparakh
4500fdc447
Update README.md 2023-10-28 23:10:28 +05:30
Swissky
85871c6c14
Merge pull request #690 from idealphase/master 
Update README.md (XSLT Injection)
 2023-10-28 17:34:14 +02:00
Swissky
07cf2831ca AWS Key ID + UAC + Race Condition 2023-10-28 17:31:59 +02:00
idealphase
85310ba8e5
Update README.md (XSLT Injection) 
Added Execute a remote php file using `file_put_contents`
 2023-10-28 19:47:25 +07:00
Swissky
3ad350b753 Prompts Examples 2023-10-22 17:17:55 +02:00
Swissky
0f085798c7
Merge pull request #686 from swisskyrepo/prototype-pollution 
Prototype Pollution Update
 2023-10-18 18:47:31 +02:00
Swissky
ccccb34c61 Prototype Pollution Update 2023-10-18 18:46:41 +02:00
Swissky
c95a0a1a28
Merge pull request #681 from the-pythonist/the-pythonist-patch-1 
Update README.md
 2023-10-15 19:36:33 +02:00
Swissky
6c38c3cdda
Merge pull request #682 from 0xblank/master 
Fix typo in GraphQL Injection README.md
 2023-10-15 19:35:32 +02:00
Swissky
d052949a6b
Merge pull request #683 from swisskyrepo/rmi-update 
Java beanshooter
 2023-10-15 19:34:41 +02:00
Swissky
4b6db7b471 Java beanshooter 2023-10-15 19:31:16 +02:00
0xblank
51e8dc6378
Fix typo in GraphQL Injection README.md 2023-10-14 16:39:25 +02:00
the-pythonist
82c3cd92d1
Update README.md 
Prefer ${IFS} to $IFS when doing filter bypass without space as $IFS does not work as a separator for certain commands.
 2023-10-12 14:51:23 +02:00
Swissky
eebea7cb4d
Merge pull request #680 from swisskyrepo/books-update 
Update Books References
 2023-10-12 10:23:48 +02:00
Swissky
886b64801d Update Books References 2023-10-12 10:22:37 +02:00
Swissky
46e446a06f
Merge pull request #679 from swisskyrepo/msi-installer 
MSI installer
 2023-10-11 21:06:37 +02:00
Swissky
e86f221fe8 Fix typo in MSI installer 2023-10-11 21:05:54 +02:00