PayloadsAllTheThings

mirror of https://github.com/swisskyrepo/PayloadsAllTheThings synced 2024-07-03 00:43:55 +00:00

Author	SHA1	Message	Date
Swissky	27050f6dd8	MSSQL Server Cheatsheet	2020-12-05 11:37:34 +01:00
Swissky	e9390d1572	Merge pull request #297 from u0pattern/u0pattern-patch-1 XXE WAF Bypass Added	2020-12-04 10:21:17 +01:00
ムハンマド	eb75a7e304	XXE WAF Bypass Added	2020-12-04 05:16:37 +03:00
Swissky	e13f152b74	AD - Recon	2020-12-02 18:43:13 +01:00
Swissky	3314f8bd99	Merge pull request #294 from lanjelot/add-s3-objects-check Add tool nccgroup/s3_objects_check	2020-11-29 19:25:07 +01:00
lanjelot	bca107cc64	Move duplicated tool references into one place	2020-11-30 01:38:04 +11:00
lanjelot	10e6c075f7	Add tool nccgroup/s3_objects_check	2020-11-30 01:17:15 +11:00
Swissky	7cd34d4ffa	Merge pull request #293 from cervoise/patch-1 Update README.md	2020-11-26 18:45:16 +01:00
Cervoise	e9de4e9d78	Update README.md Add the "?" trick.	2020-11-26 16:43:10 +01:00
Swissky	b918095775	AzureHound	2020-11-24 12:41:34 +01:00
Swissky	13ed9c8628	Merge pull request #292 from paupaulaz/master Puts the H1 reports at the right place	2020-11-22 12:57:27 +01:00
paupaulaz	b7547cc171	Puts the H1 reports at the right place The HackerOne reports mentioned in this doc are referring to Request Smuggling, not CSRF	2020-11-22 10:52:20 +01:00
Swissky	a639121b21	Merge pull request #291 from marcan2020/patch-11 Remove unnecessary condition to extract columns	2020-11-18 10:12:53 +01:00
marcan2020	3cf44386da	Remove unnecessary condition to extract columns Since we retrieve only the rows with a specific table name `name ='table_name', the table name won't start with `sqlite_` . Thus, we can remove the unnecessary condition.	2020-11-17 19:59:11 -05:00
Swissky	8863292545	Merge pull request #290 from bascoe10/patch-1 Sorted the list of revshell options	2020-11-14 22:28:53 +01:00
Abass Sesay	95b07c9e3e	Sorted the list of revshell options Miniscule change because it was grinding my grinding my gears that the list is not sorted :-)	2020-11-14 09:20:49 -08:00
Swissky	a60caaefef	Merge pull request #289 from samsbp/master Update ssrf payloads specific to java	2020-11-08 12:47:15 +01:00
PwnL0rd	bde7fc738c	added link in the reference section	2020-11-08 12:00:35 +05:30
security-is-myth	f3066722ee	update SSRF/README.md with java payloads	2020-11-07 22:07:18 +05:30
security-is-myth	08bc3acb05	update SSRF/README.md with java payloads	2020-11-07 22:03:02 +05:30
Swissky	bd184487e5	NTLM Hashcat	2020-11-06 16:20:03 +01:00
Swissky	6a82f47f32	Merge pull request #288 from bolli95/master TWITTER.md added	2020-11-03 12:57:53 +01:00
Swissky	0492545960	Update TWITTER.md	2020-11-03 12:57:33 +01:00
Max Boll	5930efcb80	TWITTER.md added	2020-11-03 11:37:20 +01:00
Swissky	f9e2512080	Merge pull request #287 from beomsu317/master Update SQL-Injection	2020-11-03 10:38:02 +01:00
Swissky	464fbeb8f4	Merge pull request #285 from random-robbie/patch-1 Update README.md	2020-10-31 22:47:09 +01:00
Robbie	e8fccb6dd2	Update README.md added 169.254.169.254 decimal	2020-10-31 20:19:27 +00:00
Swissky	7f36bf58a4	Merge pull request #284 from akoul02/patch-1 Improved Jade payload	2020-10-31 16:47:10 +01:00
akoul02	ed944a95af	Improved Jade payload	2020-10-31 18:02:29 +03:00
Swissky	1137bfca8d	Remote Desktop Services Shadowing	2020-10-30 21:10:00 +01:00
Swissky	4fe1d71ad8	Merge pull request #283 from d4rkc0nd0r/patch-9 Update MySQL Injection.md	2020-10-29 16:44:14 +01:00
Siddharth Reddy	2bdd23dc51	Update MySQL Injection.md	2020-10-29 17:03:22 +05:30
Swissky	c7be142d62	Merge pull request #282 from Gorgamite/patch-3 Added winPEAS to windows privilege escalation tool	2020-10-29 12:20:55 +01:00
Gorgamite	f9389d708b	Added winPEAS to windows privilege escalation tool WinPEAS is a really thorough privesc enumeration tool for windows, you can find it here: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS/winPEASexe It doesn't auto exploit, but it's rather thorough and effective.	2020-10-29 03:57:40 -07:00
Swissky	db533aabd4	Merge pull request #280 from Gorgamite/master Added LinPEAS to Linux Privesc.	2020-10-29 11:56:44 +01:00
Swissky	2746451408	Merge pull request #279 from Gorgamite/patch-1 Added more information on kernel exploits	2020-10-29 11:55:25 +01:00
Gorgamite	ff3b45e0b7	Added LinPEAS to Linux Privesc. I very strongly recommend adding LinPEAS to the enumeration tools. LinPEAS is arguably the best linux privesc enumeration tool out there. If you haven't used it, I'd try it out. It highlights all relevant information with color coded text, and you can pass it parameters to control the thoroughness of the scan. You should add WinPEAS for windows privesc as well.	2020-10-29 03:50:05 -07:00
Gorgamite	1b69a3ef73	Update Linux - Privilege Escalation.md	2020-10-29 03:22:08 -07:00
Swissky	9eb84bcfb7	Merge pull request #278 from marcan2020/patch-10 Add Springboot Actuator RCE	2020-10-28 18:37:38 +01:00
marcan2020	1535077d9d	Add Springboot Actuator RCE	2020-10-28 12:05:12 -04:00
Swissky	ae3a4d4336	Merge pull request #277 from bolli95/master XSS detection tools added	2020-10-27 15:08:56 +01:00
Max Boll	2a65064d15	little update	2020-10-27 14:10:35 +01:00
Max Boll	8448bbc483	Merge branch 'master' of github.com:bolli95/PayloadsAllTheThings	2020-10-27 13:31:51 +01:00
Max Boll	350c55a1ac	XSS Tools added	2020-10-27 13:31:37 +01:00
Swissky	99f53ae9b4	Merge pull request #276 from clem9669/patch-5 Adding marshalsec tool & references	2020-10-26 16:35:02 +01:00
clem9669	f7c837ffdd	Adding marshalsec tool & references Adding marshalsec tool & references	2020-10-26 14:43:16 +00:00
Swissky	c52cfb1200	Merge pull request #275 from c-nagy/master Added a brief overview for type juggling	2020-10-26 14:57:06 +01:00
@cnagy	ec445110d6	Added a brief overview for type juggling	2020-10-25 19:19:44 +00:00
Swissky	fa497c2149	Merge pull request #274 from bolli95/master CORS and CRLF documentation updated	2020-10-25 14:02:02 +01:00
Swissky	9992990e40	Update README.md	2020-10-25 14:01:53 +01:00

1 2 3 4 5 ...

946 Commits