mirror of
				https://github.com/HackTricks-wiki/hacktricks.git
				synced 2025-10-10 18:36:50 +00:00 
			
		
		
		
	t1
This commit is contained in:
		
							parent
							
								
									3855a3d041
								
							
						
					
					
						commit
						ae1d2e8ee6
					
				
							
								
								
									
										1
									
								
								.github/pull_request_template.md
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										1
									
								
								.github/pull_request_template.md
									
									
									
									
										vendored
									
									
								
							| @ -8,3 +8,4 @@ Thank you for contributing to HackTricks! | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -1,4 +1,4 @@ | ||||
| name: Translator to IN (Hindi) | ||||
| name: Translator to HI (Hindi) | ||||
| 
 | ||||
| on: | ||||
|   push: | ||||
| @ -10,7 +10,7 @@ on: | ||||
|       - '.github/**' | ||||
|   workflow_dispatch: | ||||
| 
 | ||||
| concurrency: in | ||||
| concurrency: hi | ||||
| 
 | ||||
| permissions: | ||||
|   id-token: write | ||||
| @ -22,7 +22,7 @@ jobs: | ||||
|     environment: prod | ||||
|     env: | ||||
|       LANGUAGE: Hindi | ||||
|       BRANCH: in | ||||
|       BRANCH: hi | ||||
| 
 | ||||
|     steps: | ||||
|       - name: Checkout code | ||||
| @ -29,3 +29,4 @@ InfluxDB | ||||
| {{#include ./banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -3,3 +3,4 @@ | ||||
| {{#include ./banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -757,3 +757,4 @@ Project Neto is a Python 3 package conceived to analyse and unravel hidden featu | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -101,3 +101,4 @@ browext-xss-example.md | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -113,3 +113,4 @@ However, tightening security measures often results in decreased flexibility and | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -118,3 +118,4 @@ Notably, the **`/html/bookmarks.html`** page is prone to framing, thus vulnerabl | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -242,3 +242,4 @@ Learn here about how to perform[ Cache Deceptions attacks abusing HTTP Request S | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -145,3 +145,4 @@ Cache: hit | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -52,3 +52,4 @@ Several cache servers will always cache a response if it's identified as static. | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -818,3 +818,4 @@ pc.createOffer().then((sdp)=>pc.setLocalDescription(sdp); | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -66,3 +66,4 @@ window.frames[0].document.head.appendChild(script) | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -263,3 +263,4 @@ XS-Search are oriented to **exfiltrate cross-origin information** abusing **side | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -7,3 +7,4 @@ | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -989,3 +989,4 @@ Check for more details in the [**original post**](https://github.blog/security/v | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -197,3 +197,4 @@ namespace DeserializationTests | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -89,3 +89,4 @@ As you can see in this very basic example, the "vulnerability" here appears beca | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -5,3 +5,4 @@ | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -214,3 +214,4 @@ Check for [further information here](<https://github.com/carlospolop/hacktricks/ | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -201,3 +201,4 @@ Make your payload execute something like the following: | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -8,3 +8,4 @@ Check the posts: | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -231,3 +231,4 @@ You can find more gadgets here: [https://deadcode.me/blog/2016/09/02/Blind-Java- | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -462,3 +462,4 @@ In this [**writeup**](https://intrigus.org/research/2022/07/18/google-ctf-2022-l | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -394,3 +394,4 @@ To reduce the risk of prototype pollution, the strategies listed below can be em | ||||
| {{#include ../../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -116,3 +116,4 @@ Check this writeup: [https://blog.huli.tw/2022/05/02/en/intigriti-revenge-challe | ||||
| {{#include ../../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -127,3 +127,4 @@ You could definitely use it in a bug **chain** to exploit a **prototype pollutio | ||||
| {{#include ../../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -731,3 +731,4 @@ In [**this commit**](https://github.com/nodejs/node/commit/0313102aaabb49f78156c | ||||
| {{#include ../../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -70,3 +70,4 @@ I needed to **call this deserialization twice**. In my testing, the first time t | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -157,3 +157,4 @@ cat /tmp/example_yaml | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -24,3 +24,4 @@ When sending in a body some values not hashabled like an array they will be adde | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -419,3 +419,4 @@ It's possible to brute-force the defined classes and at some point poison the cl | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -691,3 +691,4 @@ If you include any of the files `/usr/bin/phar`, `/usr/bin/phar7`, `/usr/bin/pha | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -43,3 +43,4 @@ For more information check the description of the Race Condition and the CTF in | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -101,3 +101,4 @@ It looks like by default Nginx supports **512 parallel connections** at the same | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -54,3 +54,4 @@ if **name** == "**main**": print('\[DEBUG] Creating requests session') requests\ | ||||
| ``` | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -265,3 +265,4 @@ function find_vals($init_val) { | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -59,3 +59,4 @@ print('[x] Something went wrong, please try again') | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -64,3 +64,4 @@ if __name__ == "__main__": | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -34,3 +34,4 @@ For GNU/Linux systems, the randomness in temporary file naming is robust, render | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -76,3 +76,4 @@ php vuln.php | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -39,3 +39,4 @@ Another writeup in [https://spyclub.tech/2018/12/21/one-line-and-return-of-one-l | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -329,3 +329,4 @@ More information in: [https://medium.com/swlh/polyglot-files-a-hackers-best-frie | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -7,3 +7,4 @@ | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -300,3 +300,4 @@ There should be a pattern (with the size of a used block). So, knowing how are a | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -9,3 +9,4 @@ And for more information, you can check this presentation: [https://speakerdeck. | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -24,3 +24,4 @@ Notice, that third party cookies pointing to a different domain won't be overwri | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -67,3 +67,4 @@ cookie-bomb.md | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -38,3 +38,4 @@ This issue can potentially be combined with [Host header attacks](https://portsw | ||||
| {{#include ../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -762,3 +762,4 @@ def handleResponse(req, interesting): | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -7,3 +7,4 @@ | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -7,3 +7,4 @@ | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -132,3 +132,4 @@ Therefore, the **next request of the second victim** will be **receiving** as ** | ||||
| {{#include ../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -5,3 +5,4 @@ | ||||
| {{#include ../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -23,3 +23,4 @@ Ofc, the main limitations are that a **victim closing the tab or putting another | ||||
| {{#include ../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -222,3 +222,4 @@ intitle:"phpLDAPadmin" inurl:cmd.php | ||||
| {{#include ../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -99,3 +99,4 @@ Pages usually redirects users after login, check if you can alter that redirect | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -816,3 +816,4 @@ Pass1234." and 1=0 union select "admin",sha("Pass1234.")# | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -257,3 +257,4 @@ for u in get_usernames(""): | ||||
| {{#include ../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -235,3 +235,4 @@ If the platform you are testing is an OAuth provider [**read this to test for po | ||||
| {{#include ../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -187,3 +187,4 @@ exit; | ||||
| {{#include ../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -333,3 +333,4 @@ By brute-forcing and potentially relationships it was possible to leak more data | ||||
| {{#include ../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -229,3 +229,4 @@ Which might create inconsistences | ||||
| {{#include ../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -19,3 +19,4 @@ It's possible to **add strings at the end the phone number** that could be used | ||||
| {{#include ../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -245,3 +245,4 @@ javascript:"/*'/*`/*--></noscript></title></textarea></style></template></noembe | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -45,3 +45,4 @@ javascript:"/*'/*`/*--></noscript></title></textarea></style></template></noembe | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -239,3 +239,4 @@ For **more information**: | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -34,3 +34,4 @@ And in order to be precise and **send** that **postmessage** just **after** the | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -76,3 +76,4 @@ That **payload** will get the **identifier** and send a **XSS** it **back to the | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -86,3 +86,4 @@ The final solution by [**@terjanq**](https://twitter.com/terjanq) is the [**foll | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -33,3 +33,4 @@ This is specially useful in **postMessages** because if a page is sending sensit | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -228,3 +228,4 @@ data:text/html;base64,PHN2Zy9vbmxvYWQ9YWxlcnQoMik+ #base64 encoding the javascri | ||||
| {{#include ../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -396,3 +396,4 @@ In [**WS_RaceCondition_PoC**](https://github.com/redrays-io/WS_RaceCondition_PoC | ||||
| {{#include ../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -57,3 +57,4 @@ Note that even if a rate limit is in place you should try to see if the response | ||||
| {{#include ../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -182,3 +182,4 @@ hacking-jwt-json-web-tokens.md | ||||
| {{#include ../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -82,3 +82,4 @@ Regexp (a+)*$ took 723 milliseconds. | ||||
| {{#include ../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -189,3 +189,4 @@ uuid-insecurities.md | ||||
| {{#include ../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -83,3 +83,4 @@ Prevention information are documented into the [HTML5 Cheat Sheet](https://cheat | ||||
| {{#include ../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -306,3 +306,4 @@ with open("/home/fady/uberSAMLOIDAUTH") as urlList: | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -167,3 +167,4 @@ In conclusion, XML Signatures provide flexible ways to secure XML documents, wit | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -246,3 +246,4 @@ xslt-server-side-injection-extensible-stylesheet-language-transformations.md | ||||
| {{#include ../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -548,3 +548,4 @@ This trick was taken from [https://secgroup.github.io/2017/01/03/33c3ctf-writeup | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -10,3 +10,4 @@ Check the following blogs: | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -195,3 +195,4 @@ Where **name\[i] is a .mdb filename** and **realTable is an existent table** wit | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -272,3 +272,4 @@ exec('sp_configure''xp_cmdshell'',''1''reconfigure')-- | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -184,3 +184,4 @@ mysql> select version(); | ||||
| {{#include ../../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -29,3 +29,4 @@ Automation of these processes can be facilitated by tools such as SQLMap, which | ||||
| {{#include ../../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -161,3 +161,4 @@ Another package I have used in the past with varied success is the [`GETCLOB()` | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -91,3 +91,4 @@ SELECT $TAG$hacktricks$TAG$; | ||||
| {{#include ../../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -83,3 +83,4 @@ It's noted that **large objects may have ACLs** (Access Control Lists), potentia | ||||
| {{#include ../../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -9,3 +9,4 @@ | ||||
| {{#include ../../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -111,3 +111,4 @@ SELECT testfunc(); | ||||
| {{#include ../../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -121,3 +121,4 @@ select brute_force('127.0.0.1', '5432', 'postgres', 'postgres'); | ||||
| {{#include ../../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -353,3 +353,4 @@ print("    drop function connect_back(text, integer);") | ||||
| {{#include ../../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -324,3 +324,4 @@ rce-with-postgresql-extensions.md | ||||
| {{#include ../../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -193,3 +193,4 @@ sqlmap -r r.txt -p id --not-string ridiculous --batch | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -225,3 +225,4 @@ Remember that **you can create your own tamper in python** and it's very simple. | ||||
| {{#include ../../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -79,3 +79,4 @@ sqlmap --tamper tamper.py -r login.txt -p email --second-req second.txt --proxy | ||||
| {{#include ../../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -382,3 +382,4 @@ SSRF Proxy is a multi-threaded HTTP proxy server designed to tunnel client HTTP | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
| @ -659,3 +659,4 @@ Rancher's metadata can be accessed using: | ||||
| {{#include ../../banners/hacktricks-training.md}} | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
|  | ||||
Some files were not shown because too many files have changed in this diff Show More
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user