PayloadsAllTheThings

weyne/PayloadsAllTheThings

Fork 0

mirror of https://github.com/weyne85/PayloadsAllTheThings.git synced 2025-10-29 16:57:02 +00:00

Commit Graph

Select branches

Hide Pull Requests

gh-pages

master

prototype-pollution

rmi-update

1.0

2.0

2.1

3.0

747f1d172c Reverse shell python for Windows + Lua + Awk Swissky 2018-10-02 17:17:03 +02:00
824d8c370b Bugfix README + Can I take over xyz Swissky 2018-10-02 16:57:01 +02:00
1c5f8889bd Network Discovery and Subdomains enumerations Swissky 2018-10-02 16:17:16 +02:00
b315252c89 LFI - Intruder files (Windows,Linux,Logs...) Swissky 2018-10-01 17:11:51 +02:00
a3975ab261 SQLmap TOR + Cookie + Proxy Swissky 2018-10-01 16:03:07 +02:00
7b49f1b13a PHP Serialization - phpggc Swissky 2018-10-01 12:30:14 +02:00
6ca5ff1703 PHP Serialization Auth Bypass - Merge pull request #25 from noraj/patch-2 Swissky 2018-09-26 18:04:08 +02:00
3cf806c8ff 2nd unserialize payload Alexandre ZANNI 2018-09-26 00:13:19 +02:00
d49e40b1b2 add auth bypass Alexandre ZANNI 2018-09-25 23:59:29 +02:00
1a1a48c725 Web Cache Deception details from SI9INT's blogpost Swissky 2018-09-23 20:07:19 +02:00
8bef006d7f MSSQL Comments - Merge pull request #24 from Margular/patch-1 Swissky 2018-09-22 23:12:23 +02:00
20c1e5c075 add comments 时雨 2018-09-23 02:30:03 +08:00
cce0444245 SQL injection - Intruders payloads Swissky 2018-09-21 18:44:32 +02:00
699d66d701 Merge pull request #23 from noraj/patch-1 Swissky 2018-09-21 18:42:32 +02:00
a1eb693270 routed injection in ToC Alexandre ZANNI 2018-09-20 23:52:07 +02:00
7a80647e63 Raw MD5 SQL injection + SSH Konami Code Swissky 2018-09-10 23:12:29 +02:00
2a080f82e6 Cassandra SQL + XSS MD + PHP Type Juggling Swissky 2018-09-10 20:40:43 +02:00
90f4c3634e PDF JS Swissky 2018-09-06 20:28:30 +02:00
beb0ce8c54 Linux Persistence + WebLogic RCE Swissky 2018-09-03 18:41:05 +02:00
011baa7321 Merge pull request #22 from cclauss/patch-1 Swissky 2018-09-02 15:57:48 +02:00
d642980f8c Use octal numbers that work in both Python 2 and 3 cclauss 2018-09-02 14:09:55 +02:00
d847e2e6bb Merge pull request #21 from cclauss/patch-1 Swissky 2018-09-02 13:54:45 +02:00
150110a96c import string in uploadlfi.py cclauss 2018-09-02 13:24:35 +02:00
64e577b650 CSP bypass fix link Swissky 2018-09-01 15:38:57 +02:00
fe52b32af8 XSS CSP Bypass + PostgreSQL read/write Swissky 2018-09-01 15:36:33 +02:00
c38adaded3 CVE Apache Struts + XSS in Python Notebook Swissky 2018-08-28 18:48:26 +02:00
2a54753d11 Merge pull request #20 from developersatyendra/master Swissky 2018-08-28 18:37:17 +02:00
e2bd481882 Rename ApacheStrutsV3.py to ApacheStrutsV3-2018.py developersatyendra 2018-08-28 03:15:10 -04:00
72e73e38c2 Created ApacheStrutsV3.py developersatyendra 2018-08-28 03:14:40 -04:00
f612a91bb5 LFI via Upload (race condition) + Network Pivot nmap Swissky 2018-08-26 15:43:26 +02:00
b2faf8c747 SSRF bugfix picture Swissky 2018-08-23 19:16:38 +02:00
2b7acbc493 SSRF - Bad Parsers Swissky 2018-08-23 19:15:15 +02:00
0c707c4188 ImageTragick v2 + Angular 1.6+ XSS Swissky 2018-08-22 21:42:25 +02:00
fe7314444c Phar Wrapper - "unserialize" Swissky 2018-08-19 18:47:32 +02:00
cfbe1a4469 SSRF Docker & Kubernetes Swissky 2018-08-19 16:32:26 +02:00
e11339e669 Markdown formatting - Part 3 Swissky 2018-08-13 13:07:37 +02:00
b87e14a0ed Markdown formatting - Part 2 Swissky 2018-08-13 12:01:13 +02:00
65654f81a4 Markdown formatting update Swissky 2018-08-12 23:30:22 +02:00
177c12cb79 Multiple update in READMEs + RCE tricks Swissky 2018-08-12 00:17:58 +02:00
b20cdde4d9 Adding soffensive's windowsblindread file Swissky 2018-08-03 17:56:29 +02:00
644724396f LaTeX display code + XSS location alternative Swissky 2018-08-01 21:19:18 +02:00
dcc5ebd3b6 Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings Swissky 2018-07-31 19:23:13 +02:00
ce1096830d Merge pull request #19 from Isopach/Isopach-patch-1 Swissky 2018-07-31 13:28:31 +02:00
8e26277407 Update README.md Isopach 2018-07-31 18:02:38 +09:00
4e1077c25e Weblogic RCE CVE 2018 2894 1.0 Swissky 2018-07-26 19:15:53 +02:00
6524c8e544 LaTex injection - typo language markdown Swissky 2018-07-22 22:39:37 +02:00
15891b3ab4 LaTeX injection + RCE bypass with backslash Swissky 2018-07-22 22:35:46 +02:00
93f4bbb19e AD BloodHound + AD Relationship + SSRF Digital Ocean Swissky 2018-07-15 11:06:43 +02:00
4b093d12fb PHP Object serialization + README update Swissky 2018-07-09 19:49:56 +02:00
cdc3adee51 PassTheTicket + OpenShare + Tools(CME example) Swissky 2018-07-08 20:03:40 +02:00
4cf28496e0 Beer contributing Swissky 2018-07-07 12:48:02 +02:00
abd3c565da Coffee contributing Swissky 2018-07-07 12:45:32 +02:00
76aefd9da2 Path traversal refactor + AD cme module msf/empire + IIS web.config Swissky 2018-07-07 12:04:55 +02:00
4a0fc27578 XSS Colors highlighting + JS code eval Swissky 2018-06-27 20:00:17 +02:00
a7439d812d Windows port forwarding - Netsh Swissky 2018-06-09 18:56:19 +02:00
4ad7c70e89 SSRF to XSS + Retail account Windows Swissky 2018-06-06 00:05:28 +02:00
8eb6cb80f9 GPP decrypt + SSRF url for cloud providers Swissky 2018-05-27 22:27:31 +02:00
e261836532 Windows PrivEsc + SQLi second order + AD DiskShadow Swissky 2018-05-20 22:10:33 +02:00
f1cb7ce50e SQL Cheatsheets - Refactoring part 1 Swissky 2018-05-16 23:33:14 +02:00
81eebeaea2 AD - Ropnop Tricks Swissky 2018-05-08 22:11:36 +02:00
6a39f25661 AD - refactor part 4 (link and src) Swissky 2018-05-06 19:07:34 +02:00
c5bbe88372 AD - refactor part3 Swissky 2018-05-05 23:11:17 +02:00
1feccf84cb AD refactor - Part 2 : summary Swissky 2018-05-05 17:41:04 +02:00
6869c399d5 AD refactoring part1 Swissky 2018-05-05 17:32:19 +02:00
2dcffadd46 AD - Little fixes and refactor Swissky 2018-04-28 19:54:32 +02:00
cb3b298451 Oracle SQL + SQL injection updates (MS SQL/MYSQL/ GENERAL) Swissky 2018-04-27 23:31:58 +02:00
8209d32baf Abstract for methodology Swissky 2018-04-23 21:22:11 +02:00
54661cbd70 Bugfix - Tables Token/Brand Swissky 2018-04-23 20:55:26 +02:00
aace268267 Payment functionality - International Tests Swissky 2018-04-23 20:45:54 +02:00
02484cee00 BUGFIX: API Payment Swissky 2018-04-23 18:46:09 +02:00
9c5eade544 Update methodology - Bugfix Swissky 2018-04-23 18:44:49 +02:00
f832022920 Drupalgeddon2 update + Payment API in Methodology Swissky 2018-04-23 18:41:59 +02:00
39b5e0e122 Drupal exploit Swissky 2018-04-17 21:39:26 +02:00
f62d466340 Fix Golden Ticket Swissky 2018-04-15 16:02:27 +02:00
b8fbca3347 AD Attack - Golden Ticket + SQL/OpenRed/SSRF Swissky 2018-04-12 23:23:41 +02:00
354d94219e Merge pull request #18 from zer0trip/patch-1 Swissky 2018-03-28 09:52:53 +02:00
058fb1e08d Update README.md Sean Adams 2018-03-27 19:55:14 -04:00
040c39ead1 Merge pull request #17 from SeanCodingOnline/patch-1 Swissky 2018-03-27 19:59:27 +02:00
b87a2082bd Update README.md Sean Adams 2018-03-27 12:51:39 -04:00
a7f3ebc0ee Merge pull request #15 from paralax/patch-1 Swissky 2018-03-26 15:57:47 +02:00
8adf5948f9 fix markdown formatting, no content changes jose nazario 2018-03-26 09:47:44 -04:00
e6b5dfa3de Fix README broken links Swissky 2018-03-25 23:51:22 +02:00
d1f6e8397d Refactoring XSS 0/? Swissky 2018-03-23 13:53:53 +01:00
30019235f8 SQLmap tips + Active Directory attacks + SQLite injections Swissky 2018-03-12 09:17:31 +01:00
70f38d5678 Payloads - Quick fix Swissky 2018-02-23 13:48:51 +01:00
b87c3fd7ff Traversal Dir + NoSQL major updates + small addons Swissky 2018-02-15 23:27:42 +01:00
40fa20ec63 Merge pull request #13 from soffensive/master Swissky 2018-01-26 20:14:51 +01:00
4892dc6577 Further payload added soffensive 2018-01-26 13:31:52 +01:00
be12684bc0 Added payload to detect more reliably blind NoSQL injection soffensive 2018-01-26 13:28:57 +01:00
3793d91fd4 Mimikatz + Credential Windows + XXE update Swissky 2017-12-06 20:40:29 +01:00
2c048f7b52 SSRF Ip script + DDL & Execute Windows Swissky 2017-11-24 09:57:48 +01:00
fea88a5738 SVG XSS + SSRF enclosed alphanumerics Swissky 2017-11-19 14:01:36 +01:00
f740d8e825 MySQL - Code exec Swissky 2017-11-09 09:05:50 +01:00
edd5f3601f File inclusion - more intruders Swissky 2017-10-21 16:48:17 +02:00
6b1c98010d Merge pull request #10 from melvinsh/master Swissky 2017-10-16 09:55:31 +02:00
59971e95d2 Add CSRF to OAuth2 Melvin Lammerts 2017-10-16 08:41:43 +02:00
d16aec6f6a Tomcat CVE-2017-12617 Swissky 2017-10-10 10:19:14 +02:00
a2d5fe5cad Upload .htaccess to PHP code exec Swissky 2017-10-09 23:17:31 +02:00
6ad7965efc SSRF AWS + Shell.php{3,4,5,7} Swissky 2017-09-27 14:37:07 +02:00
87ef554e40 LFI to RCE via input:// stream Swissky 2017-09-24 00:37:56 +02:00

... 15 16 17 18 19

Commit Graph Select branches Hide Pull Requests gh-pages master prototype-pollution rmi-update 1.0 2.0 2.1 3.0 Mono Color

Commit Graph

Select branches

Hide Pull Requests

gh-pages

master

prototype-pollution

rmi-update

1.0

2.0

2.1

3.0