Exploitation: Difference between revisions

From Enlace Hacktivista

Jump to navigation Jump to search

← Older edit Newer edit →

Revision as of 19:14, 28 July 2023

Payloads

Metasploit

Install on server: https://docs.metasploit.com/docs/using-metasploit/getting-started/nightly-installers.html

Public exploits

https://www.kali.org/tools/exploitdb/#searchsploit

SQL injection (SQLi)

https://github.com/sqlmapproject/sqlmap
Tamper agent scripts for sqlmap (WAF bypass): https://forum.bugcrowd.com/t/sqlmap-tamper-scripts-sql-injection-and-waf-bypass/423
https://github.com/r0oth3x49/ghauri

Cross-site scripting (XSS)

Command Injection

https://github.com/commixproject/commix

SSRF

https://github.com/swisskyrepo/SSRFmap

Retrieved from "https://enlacehacktivista.org/index.php?title=Exploitation&oldid=1278"