| Swissky | cde11da0c7 | SQL Injection - Methodology | 2024-11-15 14:48:58 +01:00 |
| Swissky | 8bc33f8bb7 | Fix markdown style issues in Account Takeover | 2024-11-13 15:30:33 +01:00 |
| Swissky | a6b3b9dd05 | CONTRIBUTING page updates - adding rules | 2024-11-13 14:24:09 +01:00 |
| Swissky | f333d48960 | Fix invalid spaces indents | 2024-11-13 14:08:26 +01:00 |
| Swissky | dc349c10c3 | Update _template_vuln page | 2024-11-13 13:39:19 +01:00 |
| Swissky | d6ce9cd317 | Github Action - Markdown Linting for PR | 2024-11-13 12:29:42 +01:00 |
| Swissky | 118924f291 | Challenges added for CRLF, Command Injection, File Inclusion | 2024-11-12 19:01:34 +01:00 |
| Swissky | 0a5ecc407c | Normalize page header for Web Socket, XSLT, XSS, XXE | 2024-11-10 21:15:44 +01:00 |
| Swissky | 48a4e5c95b | Normalize page header for SQLi, Upload, Cache Deception | 2024-11-10 20:49:52 +01:00 |
| Swissky | a338b2f12a | Normalize page header for SSTI, SAML, SSI | 2024-11-10 19:14:16 +01:00 |
| Swissky | 1a3e605d64 | Normalize page header for JWT, LDAP, LaTeX, OAuth, ORM | 2024-11-10 15:28:12 +01:00 |
| Swissky | 2304101657 | Normalize page header for GraphQL, Deserialization, SCM | 2024-11-10 14:37:48 +01:00 |
| Swissky | 2deb20a6f1 | Normalize page header for CSRF, DNS, DOS, Dependencies | 2024-11-10 11:18:46 +01:00 |
| Swissky | d80f73a829 | Normalize page header for API, CSPT, CORS, CSRF | 2024-11-09 23:01:39 +01:00 |
| Swissky | c82cd6408a | Renaming Subdomain Enumeration to Web Attack Surface | 2024-11-09 12:38:35 +01:00 |
| Swissky | 70fb63a9bf | Merge pull request #756 from Fisjkars/patch-1: Add CVE-2023–5123 in CSPT2CSRF real world scenario | 2024-11-08 22:20:45 +01:00 |
| Swissky | 4f0e6334bd | References updated for XSS + page split in subcategories | 2024-11-08 18:23:43 +01:00 |
| Maxime Escourbiac | 5c60cd7b61 | Add CVE-2023–5123 in CSPT2CSRF real world scenario | 2024-11-08 15:09:08 +01:00 |
| Swissky | 37641d2b9e | References updated for XPATH, XSLT, XXE, Web Socket | 2024-11-07 23:50:30 +01:00 |
| Swissky | b2bb1df9a9 | References added for SQLi, Upload, SSTI, Type Juggling | 2024-11-07 20:54:16 +01:00 |
| Swissky | ffa5ea764a | Merge pull request #755 from n3rada/patch-1: PostgreSQL privilege list update | 2024-11-07 18:42:46 +01:00 |
| Swissky | df8d4d7f27 | References updated for SAML, SSI, SSRF | 2024-11-07 18:31:21 +01:00 |
| Swissky | 9ed40edfca | References updated for NoSQL, OAuth, ORM, Prompt, RegEx | 2024-11-07 16:20:58 +01:00 |
| n3rada | a590290016 | PostgreSQL privilege list update | 2024-11-07 15:12:58 +01:00 |
| Swissky | b80b72d3a3 | References updated for JWT, RMI, LDAP, LaTeX | 2024-11-07 14:50:52 +01:00 |
| Swissky | ccffaa5019 | References updated for IDOR, Randomness and SCM | 2024-11-07 12:17:38 +01:00 |
| Swissky | 7e390265a0 | References added for GWT, GraphQL, HTTP, Headless | 2024-11-06 23:32:18 +01:00 |
| Swissky | e47391b12b | References updated for Dom Clobbering, File Inclusion | 2024-11-05 17:29:15 +01:00 |
| Swissky | e138308d3d | References updated for CORS CRLF CSV | 2024-11-04 18:00:07 +01:00 |
| Swissky | 4dc409d31e | References updated for API, Business, Clickjacking, CSPT, Command Injection | 2024-11-04 16:35:24 +01:00 |
| Swissky | 138fbd97f9 | Account Takeover References | 2024-11-03 21:22:14 +01:00 |
| Swissky | 21dfd91180 | SSTI references updates | 2024-11-03 20:54:01 +01:00 |
| Swissky | 51fe542992 | nested_indent in mkdocs | 2024-11-03 17:36:19 +01:00 |
| Swissky | ff88aa1f45 | Fix nested lists | 2024-11-03 17:10:52 +01:00 |
| Swissky | a5de8cf062 | SQL injections references updates | 2024-11-03 14:06:53 +01:00 |
| Swissky | 944fe0db7b | SQLmap tips moved from SQL README to their own page | 2024-11-02 22:47:30 +01:00 |
| Swissky | d77ef2c4fc | Templating Libraries Tables | 2024-11-02 17:42:18 +01:00 |
| Swissky | b29edefe09 | Merge pull request #732 from Xhoenix/master: added bypass techniques | 2024-11-02 15:21:38 +01:00 |
| Swissky | 11d1704f42 | Merge pull request #730 from Horlad/master: Adding r3dir tool to SSRF README.md | 2024-11-02 15:20:09 +01:00 |
| Swissky | 6e77f624f2 | Merge pull request #728 from isacaya/add_xss_bypass: Add a few XSS filter bypass cases | 2024-11-02 15:16:46 +01:00 |
| Swissky | 9866fef5b4 | Bypass CSP, technique from #715 | 2024-11-02 12:26:45 +01:00 |
| Swissky | d0c4454ef2 | Merge pull request #734 from R4yGM/patch-1: Fixed not working example | 2024-11-02 12:11:21 +01:00 |
| Swissky | 88ab5228b4 | Merge pull request #737 from omranisecurity/master: Add CorsOne to the Repository | 2024-11-02 12:05:21 +01:00 |
| Swissky | a4277d5e5e | Merge pull request #738 from NoPurposeInLife/patch-1: Update deep_traversal.txt | 2024-11-02 12:00:20 +01:00 |
| Swissky | eb4795047b | Merge pull request #746 from TRKBKR/master: Added oncontentvisibilityautostatechange to XSS in hidden input | 2024-11-02 11:44:08 +01:00 |
| Swissky | 89c4098dc2 | Merge pull request #754 from noraj/patch-2: SSTI: engine detection | 2024-11-02 11:42:45 +01:00 |
| Swissky | 7efac5129b | Merge pull request #742 from hansmach1ne/master: Add LFImap tool | 2024-11-02 11:39:31 +01:00 |
| Swissky | e3877d1979 | Merge pull request #739 from FatEarthler/master: added 'xss_alert_identifiable.txt' | 2024-11-02 11:38:30 +01:00 |
| Swissky | acb509d436 | SVG XSS fix typo from #729 + files | 2024-11-02 11:27:26 +01:00 |
| Swissky | 53ba2932ab | Merge pull request #729 from noraj/patch-1: XSS in SVG: more examples + nesting | 2024-11-02 11:21:27 +01:00 |