coelner/hacktricks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,572 Commits 4 Branches 0 Tags 190 MiB
85e74a98f3
Commit Graph

532 Commits

Author SHA1 Message Date
CPol
e611cdb14f
GitBook: [#3054] No subject 2022-03-13 16:39:41 +00:00
CPol
9027707da9
GitBook: [#3052] No subject 2022-03-11 23:33:08 +00:00
CPol
c33ae721db
GitBook: [#3048] No subject 2022-03-09 12:33:12 +00:00
CPol
167b04d271
GitBook: [#3047] No subject 2022-03-09 12:12:51 +00:00
RandomVersion
0cc8c5d5e7
fix typo 2022-03-08 11:20:32 +02:00
CPol
42ee735ece
GitBook: [#3038] No subject 2022-02-28 09:13:08 +00:00
Rend
5ae3c0b776
Update README.md 2022-02-26 16:07:06 +03:30
CPol
bb39acf9e1
GitBook: [#3033] No subject 2022-02-23 11:08:45 +00:00
CPol
626259908b
GitBook: [#3032] No subject 2022-02-23 10:56:11 +00:00
CPol
c50fb5e38d
GitBook: [#3029] No subject 2022-02-22 11:36:42 +00:00
CPol
501bf1ba56
GitBook: [#3027] No subject 2022-02-22 10:32:26 +00:00
CPol
4a5d3a49d3
GitBook: [#3028] No subject 2022-02-22 10:19:19 +00:00
CPol
c7c8039587
GitBook: [#3026] No subject 2022-02-21 15:48:28 +00:00
CPol
bdd6a5edac
GitBook: [#3025] No subject 2022-02-20 11:54:07 +00:00
CPol
d5d3501fda
GitBook: [#3024] No subject 2022-02-19 19:42:58 +00:00
CPol
d7e70413dc
GitBook: [#3023] No subject 2022-02-18 18:14:38 +00:00
CPol
1bb57995e1
GitBook: [#3021] No subject 2022-02-18 17:51:13 +00:00
CPol
5b391bbae7
GitBook: [#3020] No subject 2022-02-18 15:49:34 +00:00
CPol
a80d89f12c
GitBook: [#3016] No subject 2022-02-17 16:34:34 +00:00
CPol
02ae81414e
GitBook: [#3012] No subject 2022-02-16 09:28:48 +00:00
CPol
428691a660
GitBook: [#3009] No subject 2022-02-13 18:46:11 +00:00
CPol
3aea4c400a
GitBook: [#3008] No subject 2022-02-13 16:34:45 +00:00
CPol
19f982fe32
GitBook: [#3007] No subject 2022-02-13 12:30:13 +00:00
CPol
14b81d88b7
GitBook: [#3006] No subject 2022-02-12 12:08:47 +00:00
CPol
de130e5afb
GitBook: [#3004] No subject 2022-02-10 12:30:58 +00:00
CPol
75b449c922
GitBook: [#2999] No subject 2022-02-09 16:22:44 +00:00
CPol
38bfa7a7ed
GitBook: [#2996] No subject 2022-02-08 12:26:49 +00:00
CPol
6e5cd29dfd
GitBook: [#2986] No subject 2022-02-03 15:39:58 +00:00
CPol
8e9f19eec9
GitBook: [#2985] No subject 2022-02-03 12:18:21 +00:00
CPol
9641f5046e
GitBook: [#2983] No subject 2022-02-03 00:17:18 +00:00
CPol
5d0f41755d
GitBook: [#2982] No subject 2022-02-02 15:35:20 +00:00
CPol
1b9953ae92
GitBook: [#2981] No subject 2022-02-02 14:59:07 +00:00
CPol
f9971ff6b2
GitBook: [#2979] No subject 2022-02-01 22:03:45 +00:00
carlospolop
53c42a509d remove **** 2022-01-31 09:51:03 -05:00
carlospolop
3cf8a03c42 discord group 2022-01-31 09:20:28 -05:00
Carlos Polop
b5a0eca4bf
Merge pull request #296 from Lem/fix_broken_notsosecure.com_img 
Fix broken images
 2022-01-31 14:14:57 +00:00
CPol
43a4924a78
GitBook: [#2971] No subject 2022-01-26 16:08:23 +00:00
CPol
f33fc25ea6
GitBook: [#2968] No subject 2022-01-26 10:51:32 +00:00
lem
644eb76c11 Fix broken images 
It seems that the path to the images changed, resulting in 301/404.
New paths taken from
https://notsosecure.com/exploiting-viewstate-deserialization-using-blacklist3r-and-ysoserial-net
 2022-01-24 14:43:15 +01:00
CPol
37c3881e16
GitBook: [#2958] No subject 2022-01-19 12:11:58 +00:00
CPol
ecee04d244
GitBook: [#2957] No subject 2022-01-19 10:58:33 +00:00
CPol
6e8c7a1083
GitBook: [#2955] No subject 2022-01-18 18:16:48 +00:00
CPol
9066e81d0d
GitBook: [#2954] No subject 2022-01-18 12:45:45 +00:00
CPol
5acf1ba657
GitBook: [#2949] No subject 2022-01-14 10:22:14 +00:00
Carlos Polop
4f03a9e1eb
Merge pull request #287 from qtc-de/feat/update-ssrf 
Update SSRF documentation
 2022-01-06 11:11:41 +00:00
CPol
e2c72cac12
GitBook: [#2932] No subject 2022-01-06 11:03:56 +00:00
CPol
f9fec3fd5b
GitBook: [#2928] No subject 2021-12-30 10:14:05 +00:00
CPol
e10010e9f4
GitBook: [#2927] No subject 2021-12-30 09:58:38 +00:00
TNeitzel
2402c02f47 Add remote-method-guesser for RMI based SSRF 
Added remote-method-guesser for generating Java RMI based gopher
payloads.
 2021-12-29 09:51:00 +01:00
TNeitzel
f64d2f082a Update list of SSRF Targets 
Updated the list of SSRF Targets according to
https://github.com/assetnote/blind-ssrf-chains
 2021-12-29 09:49:58 +01:00
CPol
1a5e61658f
GitBook: [#2924] No subject 2021-12-29 01:10:37 +00:00
CPol
62107f3d2f
GitBook: [#2923] No subject 2021-12-28 23:04:54 +00:00
CPol
7ce741560b
GitBook: [#2922] No subject 2021-12-26 17:40:15 +00:00
CPol
533320ee57
GitBook: [#2921] No subject 2021-12-26 17:34:46 +00:00
CPol
6b9df92e57
GitBook: [#2920] No subject 2021-12-26 01:35:57 +00:00
CPol
fa49104cd3
GitBook: [#2919] No subject 2021-12-25 01:37:23 +00:00
CPol
3ce57dc2d8
GitBook: [#2918] No subject 2021-12-24 07:57:58 +00:00
CPol
1e83eb64b5
GitBook: [#2917] No subject 2021-12-24 01:52:37 +00:00
CPol
08fd55dbf3
GitBook: [#2902] No subject 2021-12-16 22:42:47 +00:00
CPol
5e009bf2b0
GitBook: [#2899] update 2021-12-13 10:28:21 +00:00
CPol
316bcad4b2
GitBook: [#2892] update 2021-12-05 18:16:27 +00:00
CPol
ddf8210cf7
GitBook: [#2876] save 2021-11-30 16:46:07 +00:00
CPol
5b0da209a0
GitBook: [#2874] update basic github 2021-11-30 13:55:54 +00:00
CPol
8153eb95a8
GitBook: [#2873] update 2021-11-30 13:50:20 +00:00
CPol
da8958fb0b
GitBook: [#2870] update 2021-11-30 00:17:48 +00:00
CPol
51fcd07624
GitBook: [#2869] update xss in markdown 2021-11-29 10:15:51 +00:00
CPol
48fdac2d54
GitBook: [#2867] uo 2021-11-28 17:30:37 +00:00
CPol
4f361a2370
GitBook: [#2866] update 2021-11-28 13:39:42 +00:00
CPol
f8e570f383
GitBook: [#2865] update 2021-11-28 11:01:58 +00:00
CPol
0fc60213dd
GitBook: [#2864] update 2021-11-27 01:09:08 +00:00
CPol
3a19236b57
GitBook: [#2862] xss find internal ips 2021-11-26 23:32:24 +00:00
CPol
db02952c42
GitBook: [#2861] cors 2021-11-26 23:26:35 +00:00
CPol
4e93d7b47b
GitBook: [#2860] CSRF 2021-11-26 21:25:39 +00:00
CPol
fea1702b48
GitBook: [#2851] update vue 2021-11-22 11:32:00 +00:00
CPol
fd9c38127a
GitBook: [#2847] update find dom xss 2021-11-18 13:00:50 +00:00
CPol
32628dd460
GitBook: [#2846] python yaml deserialization 2021-11-17 20:11:22 +00:00
CPol
adb4b651ca
GitBook: [#2843] upload send postmessage 2021-11-14 22:56:00 +00:00
CPol
41189a39f2
GitBook: [#2842] update websocket attack 2021-11-14 20:19:32 +00:00
CPol
9713dd3cf2
GitBook: [#2841] update 2021-11-14 19:46:18 +00:00
CPol
782ae059d7
GitBook: [#2840] add references mysql truncation 2021-11-12 01:14:26 +00:00
Heino Sass Hallik
bae0a5634b add clarification that the attack still works, but not as described in the readme 2021-11-09 18:25:38 +02:00
Heino Sass Hallik
15ce9c79ab add a note about SQL truncation no longer working 2021-11-09 18:23:33 +02:00
CPol
0b4434e0e0
GitBook: [#2835] other JS tricks update 2021-11-07 17:40:05 +00:00
CPol
8d4b891e62
GitBook: [#2834] update 2021-11-07 17:20:16 +00:00
CPol
6e1294c67c
GitBook: [#2829] update 2021-11-06 01:29:12 +00:00
CPol
6eca472f9e
GitBook: [#2828] update desync 2021-11-05 20:59:42 +00:00
CPol
50e2268759
GitBook: [#2819] update 2021-11-01 10:18:26 +00:00
Jan Bucher
4752320cb1 Fix multiple typos and fix some images/formatting on pentesting-sap 
- Fix multiple smaller typos
 - pentesting-sap: Replace Github image links with the correct raw URL in
   order to render them correctly. Also replace the alt text to a more
   accurate description and format an XML answer as correct XML to better
   display it.
 2021-10-30 14:23:41 +02:00
CPol
72cbd88461
GitBook: [#2797] pp 2021-10-22 10:16:40 +00:00
CPol
c6b5cc40ea
GitBook: [#2796] sqli 2021-10-21 23:06:17 +00:00
CPol
3dd1b18676
GitBook: [#2795] asd 2021-10-21 10:31:23 +00:00
CPol
c8efcbe5f6
GitBook: [#2794] sdf 2021-10-21 10:28:49 +00:00
CPol
febd64a6ca
GitBook: [#2793] lol 2021-10-20 23:25:53 +00:00
CPol
daf7260902
GitBook: [#2790] iframes 2021-10-20 00:55:49 +00:00
CPol
bf535b15e0
GitBook: [#2789] gitbook failing again 2021-10-20 00:45:58 +00:00
CPol
c17b800791
GitBook: [#2788] sdf 2021-10-19 22:49:43 +00:00
CPol
cacddb8495
GitBook: [#2787] gitbook freezing again 2021-10-19 22:23:59 +00:00
CPol
bb1345bf9f
GitBook: [#2780] asd 2021-10-19 00:01:07 +00:00
CPol
5e25a9775f
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00
CPol
53db995b86
GitBook: [master] 10 pages and 4 assets modified 2021-10-08 09:38:39 +00:00
CPol
9839455cf7
GitBook: [master] 9 pages and 8 assets modified 2021-10-07 12:54:05 +00:00
Carlos Polop
d9ca1a6f0e
Merge pull request #250 from homedirectory/patch-5 
Update cors-bypass.md
 2021-10-07 13:27:39 +01:00
Carlos Polop
8cc1b89fcf
Merge pull request #249 from homedirectory/patch-4 
Update domain-subdomain-takeover.md
 2021-10-07 13:26:57 +01:00
CPol
1f9a7fb21e
GitBook: [master] one page modified 2021-10-07 09:43:36 +00:00
CPol
41edae0cc8
GitBook: [master] 8 pages modified 2021-10-06 10:13:49 +00:00
CPol
e741d404a9
GitBook: [master] 3 pages and 6 assets modified 2021-10-05 10:00:17 +00:00
CPol
283c7c0171
GitBook: [master] one page and 2 assets modified 2021-10-04 22:36:22 +00:00
CPol
7af5e03d25
GitBook: [master] one page modified 2021-10-04 22:23:21 +00:00
CPol
90a82e6699
GitBook: [master] one page and 2 assets modified 2021-10-04 22:18:58 +00:00
CPol
eb47c749d2
GitBook: [master] 2 pages modified 2021-10-04 21:42:12 +00:00
homedirectory
8a05db1044
Update cors-bypass.md 2021-10-04 12:02:39 +00:00
CPol
14ead4a692
GitBook: [master] one page modified 2021-09-30 07:38:27 +00:00
homedirectory
49d22efa9d
Update domain-subdomain-takeover.md 2021-09-29 11:17:33 +03:00
CPol
6eff584f5e
GitBook: [master] one page modified 2021-09-27 15:01:45 +00:00
CPol
9d85603d35
GitBook: [master] 19 pages and 4 assets modified 2021-09-25 16:33:43 +00:00
Carlos Polop
8c52acb54e
Merge pull request #244 from A1vinSmith/master 
Update SQL injection with out-of-band data exfiltration via XXE
 2021-09-25 15:22:30 +01:00
Carlos Polop
e83ff80b7d
Merge pull request #243 from rishuranjanofficial/patch-1 
Update in content
 2021-09-25 15:21:36 +01:00
Carlos Polop
0ca1cfc29d
Merge pull request #228 from A1vinSmith/master 
Add Fuzzing wordlist link for poisoning
 2021-09-25 15:15:24 +01:00
Alvin Smith
51a058e106
Update README.md 
Add SQL injection with out-of-band data exfiltration via XXE
 2021-09-24 23:00:29 +12:00
Rishu Ranjan
84f56735df
Update in content 
Line should be
You can also abuse CSS @import (will send all the code until it find a ";") 
not colon
 2021-09-23 15:20:01 +05:30
CPol
c9074357a1
GitBook: [master] 516 pages modified 2021-09-19 21:42:43 +00:00
CPol
4a16f0d2ff
GitBook: [master] 5 pages modified 2021-09-19 15:52:48 +00:00
CPol
6feaee0cb0
GitBook: [master] 514 pages and 4 assets modified 2021-09-12 10:36:22 +00:00
Alvin Smith
cc3bf7b7f1
Update README.md 2021-09-12 18:39:48 +12:00
Carlos Polop
b844aca88a
Merge pull request #225 from yehgdotnet/master 
Added https://en.wikipedia.org/wiki/List_of_file_signatures to pentesting-web/file-upload/README.md
 2021-09-11 10:05:22 +01:00
Carlos Polop
10e40cc217
Merge pull request #223 from A1vinSmith/master 
Update file-upload#bypass-file-extensions-checks README.md
 2021-09-11 10:04:05 +01:00
Carlos Polop
303110cef4
Merge pull request #222 from jasonotu/patch-1 
Update README.md
 2021-09-11 10:03:11 +01:00
Aung Khant
f9e6d6dffa
Merge branch 'carlospolop:master' into master 2021-09-10 22:18:26 +08:00
CPol
05d47ab30b
GitBook: [master] 514 pages modified 2021-09-10 14:16:31 +00:00
Aung Khant
a3b8f3abc9
added https://en.wikipedia.org/wiki/List_of_file_signatures 2021-09-10 13:07:57 +08:00
CPol
52c3234894
GitBook: [master] one page modified 2021-09-08 08:59:37 +00:00
CPol
509d356627
GitBook: [master] one page modified 2021-09-06 09:41:45 +00:00
Alvin Smith
0acedaf057
Update README.md 2021-09-06 15:45:34 +12:00
jasonotu
3fc9ea5111
Update README.md 2021-09-05 13:02:06 -04:00
CPol
06fbf24691
GitBook: [master] one page modified 2021-09-01 23:18:05 +00:00
CPol
3dd3a4cc0d
GitBook: [master] one page modified 2021-08-28 15:55:37 +00:00
CPol
cbe63cbab3
GitBook: [master] 11 pages and 30 assets modified 2021-08-24 13:15:18 +00:00
Carlos Polop
8fb43e1c37
Merge pull request #214 from Reelix/patch-1 
Added alternate quote variation
 2021-08-23 21:57:34 +01:00
Carlos Polop
836ab452f4
Merge pull request #213 from Anirudh86/patch-1 
Fix typo, text bolding and text linking
 2021-08-23 21:57:14 +01:00
Carlos Polop
3dcfc3cdd3
Merge pull request #206 from meme-lord/master 
Minor correction: MySQL does support stacked queries!
 2021-08-23 21:53:33 +01:00
CPol
c70f794315
GitBook: [master] one page modified 2021-08-23 14:02:18 +00:00
CPol
3b3bfa8bbc
GitBook: [master] one page modified 2021-08-23 13:20:27 +00:00
CPol
9d0d6ccbe4
GitBook: [master] one page modified 2021-08-23 12:33:52 +00:00
CPol
34d41f57c9
GitBook: [master] one page modified 2021-08-23 10:40:09 +00:00
Reelix
3d4dea6911
Added alternate quote variation 
Added the OR bypass for when the quotes are " instead of '
 2021-08-23 00:07:02 +02:00
Anirudh86
1b8771db35
Fix typo, text bolding and text linking 
Changed tasted to tested.

Changed text bolding from
  - s**uper useful to abuse XXE via system DTD files.** to **super useful to abuse XXE via system DTD files.**
  - e**scalate another vulnerability that involves a path traversal** to **escalate another vulnerability that involves a path traversal**

Changed text linking from t[this section to learn how to abuse system DTD files] to [this section to learn how to abuse system DTD files].
 2021-08-22 12:03:32 +05:30
meme-lord
efe0c1d49d
Minor correction: MySQL does support stacked queries! 2021-08-16 21:58:09 +01:00
CPol
6f14fb06e8
GitBook: [master] one page modified 2021-08-16 09:05:12 +00:00
CPol
aca0a36b21
GitBook: [master] 17 pages and 28 assets modified 2021-08-15 22:19:51 +00:00
CPol
136ac552bb
GitBook: [master] 26 pages and 20 assets modified 2021-08-14 10:42:47 +00:00