Exploitation: Difference between revisions

From Enlace Hacktivista
Jump to navigation Jump to search
 
(2 intermediate revisions by the same user not shown)
Line 3: Line 3:
* https://github.com/swisskyrepo/PayloadsAllTheThings
* https://github.com/swisskyrepo/PayloadsAllTheThings
* https://github.com/payloadbox
* https://github.com/payloadbox
* WAF bypass payloads: https://github.com/waf-bypass-maker/waf-community-bypasses


=== Metasploit ===
=== Metasploit ===
Line 14: Line 15:
* Tamper agent scripts for sqlmap (WAF bypass): https://forum.bugcrowd.com/t/sqlmap-tamper-scripts-sql-injection-and-waf-bypass/423
* Tamper agent scripts for sqlmap (WAF bypass): https://forum.bugcrowd.com/t/sqlmap-tamper-scripts-sql-injection-and-waf-bypass/423
* https://github.com/r0oth3x49/ghauri
* https://github.com/r0oth3x49/ghauri
* SQL Injection & XSS Playground: https://www.ired.team/offensive-security-experiments/offensive-security-cheetsheets/sql-injection-xss-playground#classic-sql-injection


=== Cross-site scripting (XSS) ===
=== Cross-site scripting (XSS) ===
* https://github.com/s0md3v/XSStrike
* https://github.com/s0md3v/XSStrike
*https://github.com/mandatoryprogrammer/xsshunter
* https://github.com/mandatoryprogrammer/xsshunter
* https://www.ired.team/offensive-security-experiments/offensive-security-cheetsheets/sql-injection-xss-playground#xss


=== Command Injection ===
=== Command Injection ===

Latest revision as of 14:33, 1 August 2023

Payloads

Metasploit

Public exploits

SQL injection (SQLi)

Cross-site scripting (XSS)

Command Injection

SSRF

Retrieved from "https://enlacehacktivista.org/index.php?title=Exploitation&oldid=1333"