[pull] master from swisskyrepo:master #335

pull · 2023-02-12T00:20:05Z

See Commits and Changes for more details.

Created by pull[bot]

Can you help keep this open source service alive? 💖 Please sponsor : )

Add Kerberos CVE-2022-33679 (RC4 Is Still Considered Harmful)

Adding Jinja2 RCE through lipsum in Templates

SSTI / jinja2 : Removed dot in lipsum.__globals__.["os"]

…eThings

Fixed typos on README.md

Update SSTI README.md

…eThings

xxe - go secure workshop

SSRF: bypass using IPv6/IPv4 Address Embedding

Use new offical CME repository

Add CI/CD payloads

Fixed row/data extraction from MySQL Error Based - Extractvalue Function

Update MySQL Injection.md

…eThings

XSS in SVG: more examples + nesting

added 'xss_alert_identifiable.txt'

Add LFImap tool

SSTI: engine detection

Added oncontentvisibilityautostatechange to XSS in hidden input

Update deep_traversal.txt

Add CorsOne to the Repository

Fixed not working example

Add a few XSS filter bypass cases

Adding r3dir tool to SSRF README.md

added bypass techniques

Injection

pull bot added the ⤵️ pull label Feb 12, 2023

swisskyrepo and others added 29 commits May 8, 2023 16:22

Merge pull request #640 from m3dsec/patch-2

0dd92aa

Add Kerberos CVE-2022-33679 (RC4 Is Still Considered Harmful)

DPAPI LocalMachine + BitLocker

5af6a23

Adding Jinja2 RCE through lipsum in Templates

9c2b040

Merge pull request #642 from p0dalirius/patch-1

8d2c30e

Adding Jinja2 RCE through lipsum in Templates

SSTI / jinja2 : Removed dot in lipsum.__globals__.["os"]

b3f98ad

Merge pull request #643 from p0dalirius/patch-2

af4ade2

SSTI / jinja2 : Removed dot in lipsum.__globals__.["os"]

GraphQL Batching Attacks

6adfe5d

Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTh…

0a07e07

…eThings

fixed typos

83b2d80

Merge pull request #644 from rdbo/patch-1

f85f2cb

Fixed typos on README.md

Update README.md

226569b

WDAC Policy Removal + SSRF domains

b8c8037

Update README.md

598d2ca

Merge pull request #646 from NaxnN/patch-1

e17b6e1

Update SSTI README.md

xxe - go secure workshop

3e8a39a

Prompt Injection

93fa4df

Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTh…

aba6f1e

…eThings

Merge pull request #647 from noraj/patch-1

f0d02d2

xxe - go secure workshop

Type Juggling - Loose Comparison and Exploit

de6e916

Type Juggling

10df57a

Merge pull request #645 from azurit/ssrflocalhost

726de9e

SSRF: bypass using IPv6/IPv4 Address Embedding

DOM Clobbering

fc36b38

AWS Key Patterns

e9c1ce1

MSSQL - Stacked Queries Delimiters

5ddd8e0

AWS EC2 Metadata + SSSD token deobfuscate

113afae

Use new offical CME repository

35b0d67

Add CI/CD payloads

de8d479

Merge pull request #648 from mpgn/master

ec11a14

Use new offical CME repository

Merge pull request #649 from MotiHarmats/patch-1

70396ec

Add CI/CD payloads

swisskyrepo and others added 30 commits October 28, 2024 18:00

Merge pull request #752 from noraj/patch-2

ca41c9e

Merge branch 'swisskyrepo:master' into master

223d618

Update MySQL Injection.md

873ac0e

Fixed row/data extraction from MySQL Error Based - Extractvalue Function

Merge pull request #753 from NoPurposeInLife/patch-2

f11771b

Update MySQL Injection.md

Moving CICD to IATT repository

690c776

Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTh…

6b8ca37

…eThings

SSTI: engine detection

eca0bd1

Merge pull request #729 from noraj/patch-1

53ba293

XSS in SVG: more examples + nesting

SVG XSS fix typo from #729 + files

acb509d

Merge pull request #739 from FatEarthler/master

e3877d1

added 'xss_alert_identifiable.txt'

Merge pull request #742 from hansmach1ne/master

7efac51

Add LFImap tool

Merge pull request #754 from noraj/patch-2

89c4098

SSTI: engine detection

Merge pull request #746 from TRKBKR/master

eb47950

Added oncontentvisibilityautostatechange to XSS in hidden input

Merge pull request #738 from NoPurposeInLife/patch-1

a4277d5

Update deep_traversal.txt

Merge pull request #737 from omranisecurity/master

88ab522

Add CorsOne to the Repository

Merge pull request #734 from R4yGM/patch-1

d0c4454

Fixed not working example

Bypass CSP, technique from #715

9866fef

Merge pull request #728 from isacaya/add_xss_bypass

6e77f62

Add a few XSS filter bypass cases

Merge pull request #730 from Horlad/master

11d1704

Adding r3dir tool to SSRF README.md

Merge pull request #732 from Xhoenix/master

b29edef

added bypass techniques

Templating Libraries Tables

d77ef2c

SQLmap tips moved from SQL README to their own page

944fe0d

SQL injections references updates

a5de8cf

Fix nested lists

ff88aa1

nested_indent in mkdocs

51fe542

SSTI references updates

21dfd91

Account Takeover References

138fbd9

References updated for API, Business, Clickjacking, CSPT, Command

4dc409d

Injection

References updated for CORS CRLF CSV

e138308

References updated for Dom Clobbering, File Inclusion

e47391b

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[pull] master from swisskyrepo:master #335

[pull] master from swisskyrepo:master #335

pull bot commented Feb 12, 2023 •

edited

Loading

[pull] master from swisskyrepo:master #335

Are you sure you want to change the base?

[pull] master from swisskyrepo:master #335

Conversation

pull bot commented Feb 12, 2023 • edited Loading

pull bot commented Feb 12, 2023 •

edited

Loading