Exploitation: Difference between revisions

From Enlace Hacktivista
Jump to navigation Jump to search
← Older edit
Booda (talk | contribs)
1,183 edits
 
(3 intermediate revisions by one other user not shown)
Line 3: Line 3:
* https://github.com/swisskyrepo/PayloadsAllTheThings
* https://github.com/swisskyrepo/PayloadsAllTheThings
* https://github.com/payloadbox
* https://github.com/payloadbox
* WAF bypass payloads: https://github.com/waf-bypass-maker/waf-community-bypasses


=== Metasploit ===
=== Metasploit ===
Line 14: Line 15:
* Tamper agent scripts for sqlmap (WAF bypass): https://forum.bugcrowd.com/t/sqlmap-tamper-scripts-sql-injection-and-waf-bypass/423
* Tamper agent scripts for sqlmap (WAF bypass): https://forum.bugcrowd.com/t/sqlmap-tamper-scripts-sql-injection-and-waf-bypass/423
* https://github.com/r0oth3x49/ghauri
* https://github.com/r0oth3x49/ghauri
* SQL Injection & XSS Playground: https://www.ired.team/offensive-security-experiments/offensive-security-cheetsheets/sql-injection-xss-playground#classic-sql-injection


=== Cross-site scripting (XSS) ===
=== Cross-site scripting (XSS) ===
* https://github.com/hahwul/dalfox
* https://github.com/s0md3v/XSStrike
* https://github.com/s0md3v/XSStrike
*https://github.com/mandatoryprogrammer/xsshunter
* https://github.com/mandatoryprogrammer/xsshunter
* https://www.ired.team/offensive-security-experiments/offensive-security-cheetsheets/sql-injection-xss-playground#xss


=== Command Injection ===
=== Command Injection ===

Latest revision as of 17:08, 22 July 2025

Payloads

Metasploit

Public exploits

SQL injection (SQLi)

Cross-site scripting (XSS)

Command Injection

SSRF

Retrieved from "https://enlacehacktivista.org/index.php?title=Exploitation&oldid=1757"