weyne/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/weyne85/PayloadsAllTheThings.git synced 2025-10-29 16:57:02 +00:00
Code Issues Packages Projects Releases Wiki Activity
488 Commits 4 Branches 4 Tags
Commit Graph

488 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
nizam0906
f81f9440b8
Added More Ways to Detect columns number 
using order by or group by
using order by or group by error based
using UNION SELECT Error Based
 2019-10-29 16:32:22 +05:30
nizam0906
bb2c247160
Added List Database Administrator Accounts 
SELECT datname FROM pg_database
 2019-10-29 10:32:39 +05:30
nizam0906
ab341cff38
Updated Blind XSS endpoint 
* User Agent
* Comment Box
 2019-10-28 16:51:36 +05:30
nizam0906
3dcd4425a8
Added more PostgreSQL Injection Queries 
* PostgreSQL version
* PostgreSQL Current User
* PostgreSQL List Users
* PostgreSQL List Password Hashes
* PostgreSQL List Privileges
* PostgreSQL database name
* PostgreSQL List databases
* PostgreSQL List tables
* PostgreSQL List columns
* PostgreSQL Stacked query
 2019-10-28 16:26:49 +05:30
nizam0906
f35ace93cf
Update PostgreSQL Injection.md 
Updated PostgreSQL Error Based injections
 2019-10-26 18:07:14 +05:30
nizam0906
aef5bb864a
Update jsonp_endpoint.txt 
Added 3 yahoo jsonp endpoints
* https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?cb=alert(1337)
* https://mempf.yahoo.co.jp/offer?position=h&callback=alert(1337)
* https://suggest-shop.yahooapis.jp/Shopping/Suggest/V1/suggester?callback=alert(1)//&appid=dj0zaiZpPVkwMDJ1RHlqOEdwdCZzPWNvbnN1bWVyc2VjcmV0Jng9M2Y-
 2019-10-25 22:27:16 +05:30
nizam0906
5b59da70f7
Update MySQL Injection.md 
Added 6 MYSQL DIOS
* Zen
* Zen WAF
* ~tr0jAn WAF
* ~tr0jAn Benchmark
* N1Z4M
* sharik
 2019-10-25 18:11:11 +05:30
Swissky
88f020381d Out of band XPATH 2019-10-22 23:06:35 +02:00
Swissky
3464611c00
Merge pull request #107 from noraj/patch-1 
fix TOC links
 2019-10-22 21:41:28 +02:00
Alexandre ZANNI
c6b5bbab2b
fix TOC links 2019-10-22 20:26:04 +02:00
Swissky
727eb5cabd Drop the MIC 2019-10-21 23:00:27 +02:00
Swissky
11fc6e4bc5 NTLM relay + MS08-068 2019-10-20 22:09:36 +02:00
Swissky
ed252df92e krb5.keytab + credential use summary 2019-10-20 13:25:06 +02:00
Swissky
7159a3ded3 RODC dcsync note + Dumping AD Domain summary 2019-10-18 00:07:09 +02:00
Swissky
8eae039a28 netdoc:// wrapper for Java SSRF 2019-10-17 21:13:04 +02:00
Swissky
67a68d7eac
Merge pull request #105 from Zeecka/patch-3 
Add filter iconv utf16 LFI bypass tricks
 2019-10-17 19:39:00 +02:00
Alex Zeecka
83caef8ee1
Add filter iconv utf16 LFI bypass tricks 2019-10-17 17:40:59 +02:00
Swissky
b22742ba9e
Merge pull request #103 from Ali-Yazdani/patch-1 
Update readme.md
 2019-10-16 23:35:04 +02:00
Ali Yazdani
52d02cea63
Update readme.md 
Add some related security tools.
 2019-10-16 14:45:42 +02:00
Swissky
6a81a130cc
Merge pull request #102 from op01/master 
Update Silver Ticket
 2019-10-15 19:17:03 +02:00
OOP
f0af3b4f4d
Update Active Directory Attack.md 2019-10-15 23:18:07 +07:00
Swissky
05b3e13098 SSRF for ECS 2019-10-12 13:30:52 +02:00
Swissky
57628ffd18
Merge pull request #101 from Ali-Yazdani/patch-1 
Add Kubernetes file
 2019-10-11 14:36:54 +02:00
Ali Yazdani
03d02ccdd6
Create readme.md 
Adding Kubernetes file
 2019-10-11 12:56:22 +02:00
Swissky
320a9fad31
Merge pull request #100 from noraj/patch-1 
little changes
 2019-10-09 20:49:20 +02:00
Alexandre ZANNI
9f463d156b
little changes 
- fix exploits ToC anchor
- add nosqlilab
 2019-10-09 16:53:34 +02:00
Swissky
357658371f SSRF URL for Google Cloud 2019-10-06 20:59:58 +02:00
Swissky
8b0bd4d655
Merge pull request #99 from marcan2020/patch-4 
Add  Angular Automatic Sanitization
 2019-10-03 16:14:06 +02:00
Swissky
54d6161c9d
Merge pull request #98 from marcan2020/patch-3 
Add .NET references
 2019-10-03 16:13:25 +02:00
Swissky
cb9b7a1304
Merge pull request #97 from marcan2020/patch-2 
Fix dead youtube link
 2019-10-03 16:13:00 +02:00
marcan2020
920da73bd7
Add Angular automatic sanitization 2019-10-02 21:24:53 -04:00
marcan2020
4f38666c35
Add .NET references 2019-10-02 20:23:37 -04:00
marcan2020
e180d1f7e6
Fix dead youtube link 2019-10-02 20:09:41 -04:00
Swissky
e1e5397d4c
Merge pull request #96 from h3xstream/master 
Add local DTD section to the XXE Injection page
 2019-10-02 20:41:37 +02:00
Philippe Arteau
f2beb0dbbc
Add local DTD section to the XXE Injection page 2019-10-01 18:22:42 -04:00
Swissky
6a11a6c670
Merge pull request #94 from Luci-d/patch-1 
Add Spyse to network discovery
 2019-09-30 14:08:00 +02:00
Mark
3fb2a9006f
Add Spyse to network discovery 
1. spyse itself 
2. python wrapper - using only a part of the available functionality of spyse, but will be updated very soon.
 2019-09-30 15:26:26 +04:00
Swissky
3221197b1e RCE vBulletin + findomain 2019-09-26 20:41:01 +02:00
Swissky
9a02958b51 API Key Leaks - Twitter/Twilio/Gitlab 2019-09-22 17:06:44 +02:00
Swissky
8061cdd856
Merge pull request #92 from Techbrunch/patch-2 
Add XXE payload inside SVG
 2019-09-18 08:12:37 +02:00
Techbrunch
8822199f65
Add XXE payload inside SVG 
Source: https://portswigger.net/web-security/xxe/lab-xxe-via-file-upload
 2019-09-17 16:23:14 +02:00
Swissky
a0917241ad Pebble - Server Side Template Injection 2019-09-17 15:43:13 +02:00
Swissky
e6f94af721
Update FUNDING.yml with buymeacoffee 2019-09-13 17:49:47 +02:00
Swissky
742e3204d3 SharpPersist - Windows Persistence 2019-09-13 17:38:23 +02:00
Swissky
5455c30ec7 Juicy Potato + XXE update 2019-09-08 19:44:51 +02:00
Swissky
2b1900e046 PrivEsc - sudoers + Upload PHP 2019-09-02 12:36:40 +02:00
Swissky
3ca07aeb7a Docker Privesc - Unix socket 2019-08-30 17:25:07 +02:00
Swissky
2a4c4f46b2
Merge pull request #88 from ricardojba/patch-1 
Add Host/Split Unicode Normalization
 2019-08-30 10:03:46 +02:00
Ricardo
0625e2aebf
Add Host/Split Unicode Normalization 
Add Host/Split Exploitable Antipatterns in Unicode Normalization BH 2019 for filter bypass
 2019-08-30 08:57:22 +01:00
Swissky
c6824e7aa9
Merge pull request #86 from JLLeitschuh/patch-1 
Add XSS dot filter bypass with decimal IP
 2019-08-29 20:12:51 +02:00