Backup_Repos/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings synced 2025-12-06 17:02:53 +01:00
Code Issues Projects Releases Wiki Activity
2111 commits 2 branches 7 tags 89 MiB
Commit graph

152 commits

Author SHA1 Message Date
Swissky
cc670aa544 SQL injection - Fix linting errors 2025-08-13 12:07:35 +02:00
Swissky
81b3f85dc4
Merge pull request #776 from m14r41/patch-1 
enhancement: clarified and expanded details on Second-Order SQL Injec…
 2025-08-13 11:52:43 +02:00
Swissky
6cb0048e22
Update README.md 2025-08-13 11:52:26 +02:00
clemensGooooo
01a6299b08 Fix several typos 2025-07-29 15:34:52 +02:00
Swissky
ed28a07244 Fix typo in table header 2025-07-26 22:58:51 +02:00
Swissky
7faf14a960 SQL injection - Generic Bypass (Space) 2025-07-26 22:54:45 +02:00
Swissky
ac73b0c619 PDO Prepared Statements 2025-07-26 15:21:23 +02:00
F4K
eca827005a
Update Generic_TimeBased.txt 
Add support for `||` (concatenation) operator in PostgreSQL
 2025-05-22 11:44:06 +02:00
Madhurendra kumar
8ac78d12fa
enhancement: clarified and expanded details on Second-Order SQL Injection. 
I improved the existing details on Second-Order SQL Injection by providing a clear, concise, and comprehensive explanation of this rare vulnerability.
 2025-04-11 02:11:53 +05:30
Swissky
7eb75cead5 SQLmap Custom Tamper and Preprocess Scripts 2025-04-09 11:14:37 +02:00
Swissky
2611dd1ba3 Markdown Linting - SQL, Juggling, XSLT, XSS, Zip 2025-03-26 20:53:03 +01:00
Swissky
e25a025e13 DB2 Command Execution with QSYS2.QCMDEXC 2025-03-24 15:42:22 +01:00
Diego Barbieri
bc4eb6dcb5
Update README.md 2025-03-13 09:53:28 +01:00
Donghyeok Park
37046977fd
Fix misplaced parentheses in MySQL Injection.md 2025-02-20 00:48:45 +09:00
Swissky
fb349a5737 UUID_TO_BIN SQLi Error Based 2025-01-25 11:49:15 +01:00
Swissky
ddad93a1d2 System prompt + Arg injection + Disclaimer 2025-01-14 22:26:29 +01:00
Swissky
32d9f7550d XPATH + XSS + XXE + XSLT 2024-11-30 21:14:51 +01:00
Swissky
9932059563 YAML Deserialization 2024-11-17 20:48:10 +01:00
Swissky
b98f8ca587 DB2 Injection updates 2024-11-17 18:37:07 +01:00
Swissky
3c5bab0338 SQL - File Manipulation and Error Based Injection 2024-11-16 18:49:01 +01:00
Swissky
9a908a15d2 MSSQL, OracleSQL, PostgreSQL Substring Equivalent 2024-11-16 15:35:43 +01:00
Swissky
67af38aa4e SQL Injections - Updates for MSSQL, Oracle, PostgreSQL 2024-11-15 23:56:04 +01:00
Swissky
f57d0813ca SQL - MySQL Page Cleanup 2024-11-15 18:42:58 +01:00
Swissky
cde11da0c7 SQL Injection - Methodology 2024-11-15 14:48:58 +01:00
Swissky
f333d48960 Fix invalid spaces indents 2024-11-13 14:08:26 +01:00
Swissky
48a4e5c95b Normalize page header for SQLi, Upload, Cache Deception 2024-11-10 20:49:52 +01:00
Swissky
d80f73a829 Normalize page header for API, CSPT, CORS, CSRF 2024-11-09 23:01:39 +01:00
Swissky
b2bb1df9a9 References addded for SQLi, Upload, SSTI, Type Juggling 2024-11-07 20:54:16 +01:00
n3rada
a590290016
PostgreSQL privilege list update 2024-11-07 15:12:58 +01:00
Swissky
a5de8cf062 SQL injections references updates 2024-11-03 14:06:53 +01:00
Swissky
944fe0db7b SQLmap tips moved from SQL README to their own page 2024-11-02 22:47:30 +01:00
NoPurposeInLife
873ac0e727
Update MySQL Injection.md 
Fixed row/data extraction from MySQL Error Based - Extractvalue Function
 2024-10-31 11:25:34 +08:00
Swissky
0f621e67d1 SQLmap reduce requests 2024-10-28 17:59:33 +01:00
Swissky
d5a6811193 Fix typos 2024-09-16 18:05:54 +02:00
Mark
c3af630e1d
Update README.md 2024-05-26 10:40:54 -04:00
Mark
867f243100
Update README.md 2024-05-26 10:32:01 -04:00
mohnad banat
d834abe43c
Update SQLite Injection.md 
Since sqlite version 3.33.0, sqlite_schema has been replaced by sqlite_master.
 2024-04-01 20:46:09 +03:00
Swissky
dd2b68b70e PHP Deserialization + API keys table typo 2024-02-18 15:29:21 +01:00
Swissky
97cfeee270 Tools Update 2024-01-21 21:39:23 +01:00
Swissky
b07c5df892 CSS - Update style color + Blind SQL Oracle 2023-12-10 13:27:21 +01:00
Swissky
55edc9fc74 Fix MySQL duplicate cheatsheet 2023-10-01 12:45:12 +02:00
Swissky
d142587f28 Race Condition WIP + AD asreproast/kerberoasting 2023-10-01 12:42:20 +02:00
Swissky
59640ba51a MYSQL Wide byte injection (GBK) 2023-09-14 10:53:37 +02:00
Mane
811d71026f
Update MySQL Injection.md 
fix typo
 2023-09-13 08:33:03 -07:00
Mane
9574af9dd1
Update MySQL Injection.md 
Add MYSQL Wide byte injection, it can test in Sqli-labs Less-32
 2023-09-13 08:13:36 -07:00
Swissky
a0c14e5299 SQL injections - WAF bypass 2023-09-03 14:26:03 +02:00
Pak Cyberbot
d5922f421c
Update SQLite Injection.md 
Column names of the specified table can be more easily extracted in a better output.
Tested during the CTF
 2023-08-25 15:24:52 +05:00
KeoOp
d5f85f13d5
Update SQLite Injection.md 
add "group_concat" so that all tables can be extracted once when the query only returns the first item
 2023-07-16 23:44:00 +08:00
Swissky
5ddd8e04da MSSQL - Stacked Queries Delimiters 2023-06-25 00:02:54 +02:00
Swissky
6861c46fcd MySQL MSSQL Oracle SQL Update 2023-04-14 17:45:45 +02:00