_LEARNING_AND_SOCIALS
|
Normalize page header for API, CSPT, CORS, CSRF
|
2024-11-09 23:01:39 +01:00 |
_template_vuln
|
Normalize page header for API, CSPT, CORS, CSRF
|
2024-11-09 23:01:39 +01:00 |
.github
|
Fix nested lists
|
2024-11-03 17:10:52 +01:00 |
Account Takeover
|
Account Takeover References
|
2024-11-03 21:22:14 +01:00 |
API Key Leaks
|
Normalize page header for API, CSPT, CORS, CSRF
|
2024-11-09 23:01:39 +01:00 |
Business Logic Errors
|
References updated for API, Business, Clickjacking, CSPT, Command
|
2024-11-04 16:35:24 +01:00 |
Clickjacking
|
Normalize page header for API, CSPT, CORS, CSRF
|
2024-11-09 23:01:39 +01:00 |
Client Side Path Traversal
|
Normalize page header for API, CSPT, CORS, CSRF
|
2024-11-09 23:01:39 +01:00 |
Command Injection
|
Normalize page header for API, CSPT, CORS, CSRF
|
2024-11-09 23:01:39 +01:00 |
CORS Misconfiguration
|
Normalize page header for API, CSPT, CORS, CSRF
|
2024-11-09 23:01:39 +01:00 |
CRLF Injection
|
Normalize page header for API, CSPT, CORS, CSRF
|
2024-11-09 23:01:39 +01:00 |
Cross-Site Request Forgery
|
References updated for CORS CRLF CSV
|
2024-11-04 18:00:07 +01:00 |
CSV Injection
|
References updated for CORS CRLF CSV
|
2024-11-04 18:00:07 +01:00 |
CVE Exploits
|
Normalize page header for API, CSPT, CORS, CSRF
|
2024-11-09 23:01:39 +01:00 |
Denial of Service
|
References updated for CORS CRLF CSV
|
2024-11-04 18:00:07 +01:00 |
Dependency Confusion
|
References updated for Dom Clobbering, File Inclusion
|
2024-11-05 17:29:15 +01:00 |
Directory Traversal
|
References updated for Dom Clobbering, File Inclusion
|
2024-11-05 17:29:15 +01:00 |
DNS Rebinding
|
References updated for Dom Clobbering, File Inclusion
|
2024-11-05 17:29:15 +01:00 |
Dom Clobbering
|
References updated for Dom Clobbering, File Inclusion
|
2024-11-05 17:29:15 +01:00 |
File Inclusion
|
References updated for Dom Clobbering, File Inclusion
|
2024-11-05 17:29:15 +01:00 |
Google Web Toolkit
|
References added for GWT, GraphQL, HTTP, Headless
|
2024-11-06 23:32:18 +01:00 |
GraphQL Injection
|
References added for GWT, GraphQL, HTTP, Headless
|
2024-11-06 23:32:18 +01:00 |
Headless Browser
|
References added for GWT, GraphQL, HTTP, Headless
|
2024-11-06 23:32:18 +01:00 |
Hidden Parameters
|
References added for GWT, GraphQL, HTTP, Headless
|
2024-11-06 23:32:18 +01:00 |
HTTP Parameter Pollution
|
References added for GWT, GraphQL, HTTP, Headless
|
2024-11-06 23:32:18 +01:00 |
Insecure Deserialization
|
References added for GWT, GraphQL, HTTP, Headless
|
2024-11-06 23:32:18 +01:00 |
Insecure Direct Object References
|
References updated for IDOR, Radomness and SCM
|
2024-11-07 12:17:38 +01:00 |
Insecure Management Interface
|
References updated for IDOR, Radomness and SCM
|
2024-11-07 12:17:38 +01:00 |
Insecure Randomness
|
References updated for IDOR, Radomness and SCM
|
2024-11-07 12:17:38 +01:00 |
Insecure Source Code Management
|
References updated for IDOR, Radomness and SCM
|
2024-11-07 12:17:38 +01:00 |
Java RMI
|
References updated for JWT, RMI, LDAP, LaTeX
|
2024-11-07 14:50:52 +01:00 |
JSON Web Token
|
References updated for JWT, RMI, LDAP, LaTeX
|
2024-11-07 14:50:52 +01:00 |
LaTeX Injection
|
References updated for JWT, RMI, LDAP, LaTeX
|
2024-11-07 14:50:52 +01:00 |
LDAP Injection
|
References updated for JWT, RMI, LDAP, LaTeX
|
2024-11-07 14:50:52 +01:00 |
Mass Assignment
|
References updated for JWT, RMI, LDAP, LaTeX
|
2024-11-07 14:50:52 +01:00 |
Methodology and Resources
|
Renaming Subdomain Enumeration to Web Attack Surface
|
2024-11-09 12:38:35 +01:00 |
NoSQL Injection
|
References updated for NoSQL, OAuth, ORM, Prompt, RegEx
|
2024-11-07 16:20:58 +01:00 |
OAuth Misconfiguration
|
References updated for NoSQL, OAuth, ORM, Prompt, RegEx
|
2024-11-07 16:20:58 +01:00 |
Open Redirect
|
References updated for NoSQL, OAuth, ORM, Prompt, RegEx
|
2024-11-07 16:20:58 +01:00 |
ORM Leak
|
References updated for NoSQL, OAuth, ORM, Prompt, RegEx
|
2024-11-07 16:20:58 +01:00 |
Prompt Injection
|
References updated for NoSQL, OAuth, ORM, Prompt, RegEx
|
2024-11-07 16:20:58 +01:00 |
Prototype Pollution
|
References updated for NoSQL, OAuth, ORM, Prompt, RegEx
|
2024-11-07 16:20:58 +01:00 |
Race Condition
|
References updated for NoSQL, OAuth, ORM, Prompt, RegEx
|
2024-11-07 16:20:58 +01:00 |
Regular Expression
|
References updated for NoSQL, OAuth, ORM, Prompt, RegEx
|
2024-11-07 16:20:58 +01:00 |
Request Smuggling
|
References updated for SAML, SSI, SSRF
|
2024-11-07 18:31:21 +01:00 |
SAML Injection
|
References updated for SAML, SSI, SSRF
|
2024-11-07 18:31:21 +01:00 |
Server Side Include Injection
|
References updated for SAML, SSI, SSRF
|
2024-11-07 18:31:21 +01:00 |
Server Side Request Forgery
|
References updated for SAML, SSI, SSRF
|
2024-11-07 18:31:21 +01:00 |
Server Side Template Injection
|
References addded for SQLi, Upload, SSTI, Type Juggling
|
2024-11-07 20:54:16 +01:00 |
SQL Injection
|
Normalize page header for API, CSPT, CORS, CSRF
|
2024-11-09 23:01:39 +01:00 |
Tabnabbing
|
References addded for SQLi, Upload, SSTI, Type Juggling
|
2024-11-07 20:54:16 +01:00 |
Type Juggling
|
References addded for SQLi, Upload, SSTI, Type Juggling
|
2024-11-07 20:54:16 +01:00 |
Upload Insecure Files
|
References addded for SQLi, Upload, SSTI, Type Juggling
|
2024-11-07 20:54:16 +01:00 |
Web Cache Deception
|
References updated for XPATH, XSLT, XXE, Web Socket
|
2024-11-07 23:50:30 +01:00 |
Web Sockets
|
References updated for XPATH, XSLT, XXE, Web Socket
|
2024-11-07 23:50:30 +01:00 |
XPATH Injection
|
References updated for XPATH, XSLT, XXE, Web Socket
|
2024-11-07 23:50:30 +01:00 |
XSLT Injection
|
References updated for XPATH, XSLT, XXE, Web Socket
|
2024-11-07 23:50:30 +01:00 |
XSS Injection
|
References updated for XSS + page splitted in subcategories
|
2024-11-08 18:23:43 +01:00 |
XXE Injection
|
References updated for XPATH, XSLT, XXE, Web Socket
|
2024-11-07 23:50:30 +01:00 |
Zip Slip
|
References addded for SQLi, Upload, SSTI, Type Juggling
|
2024-11-07 20:54:16 +01:00 |
.gitignore
|
YAML Deserialization
|
2022-09-16 16:37:40 +02:00 |
CONTRIBUTING.md
|
PR Guidelines + User Hunting + HopLa Configuration
|
2022-06-30 16:33:35 +02:00 |
custom.css
|
CSS - Update style color + Blind SQL Oracle
|
2023-12-10 13:27:21 +01:00 |
LICENSE
|
Create License
|
2019-05-25 16:27:35 +02:00 |
mkdocs.yml
|
SSTI references updates
|
2024-11-03 20:54:01 +01:00 |
README.md
|
Fix typos
|
2024-09-16 18:05:54 +02:00 |