From 6dd5c18b45fdc23c8766a6827d012010f190638d Mon Sep 17 00:00:00 2001 From: Swissky <12152583+swisskyrepo@users.noreply.github.com> Date: Wed, 12 Oct 2022 12:13:55 +0200 Subject: [PATCH] Normalize Titles --- CRLF Injection/README.md | 6 +++--- CSV Injection/README.md | 2 +- CVE Exploits/README.md | 4 ++++ Directory Traversal/README.md | 2 +- GraphQL Injection/README.md | 2 +- Insecure Deserialization/Node.md | 2 +- Insecure Deserialization/PHP.md | 2 +- Insecure Management Interface/README.md | 2 +- Insecure Source Code Management/README.md | 2 +- LDAP Injection/README.md | 2 +- NoSQL Injection/README.md | 2 +- {OAuth => OAuth Misconfiguration}/README.md | 2 +- SQL Injection/README.md | 2 +- Server Side Template Injection/README.md | 2 +- Upload Insecure Files/README.md | 2 +- Web Cache Deception/README.md | 2 +- Web Sockets/README.md | 12 +++++++++--- XPATH Injection/README.md | 2 +- 18 files changed, 31 insertions(+), 21 deletions(-) rename {OAuth => OAuth Misconfiguration}/README.md (98%) diff --git a/CRLF Injection/README.md b/CRLF Injection/README.md index 14f3eeb..90405ca 100644 --- a/CRLF Injection/README.md +++ b/CRLF Injection/README.md 
@@ -1,8 +1,8 @@ -# CRLF +# Carriage Return Line Feed ->The term CRLF refers to Carriage Return (ASCII 13, \r) Line Feed (ASCII 10, \n). They're used to note the termination of a line, however, dealt with differently in today’s popular Operating Systems. For example: in Windows both a CR and LF are required to note the end of a line, whereas in Linux/UNIX a LF is only required. In the HTTP protocol, the CR-LF sequence is always used to terminate a line. +> The term CRLF refers to Carriage Return (ASCII 13, \r) Line Feed (ASCII 10, \n). They're used to note the termination of a line, however, dealt with differently in today’s popular Operating Systems. For example: in Windows both a CR and LF are required to note the end of a line, whereas in Linux/UNIX a LF is only required. In the HTTP protocol, the CR-LF sequence is always used to terminate a line. ->A CRLF Injection attack occurs when a user manages to submit a CRLF into an application. This is most commonly done by modifying an HTTP parameter or URL. +> A CRLF Injection attack occurs when a user manages to submit a CRLF into an application. This is most commonly done by modifying an HTTP parameter or URL. ## Summary diff --git a/CSV Injection/README.md b/CSV Injection/README.md index d631791..75621d8 100644 --- a/CSV Injection/README.md +++ b/CSV Injection/README.md @@ -1,4 +1,4 @@ -# CSV Injection (Formula Injection) +# CSV Injection Many web applications allow the user to download content such as templates for invoices or user settings to a CSV file. Many users choose to open the CSV file in either Excel, Libre Office or Open Office. When a web application does not properly validate the contents of the CSV file, it could lead to contents of a cell or many cells being executed. diff --git a/CVE Exploits/README.md b/CVE Exploits/README.md index 57d62ce..1ea0374 100644 --- a/CVE Exploits/README.md +++ b/CVE Exploits/README.md 
@@ -3,6 +3,10 @@ ## Tools - [Trickest CVE Repository - Automated collection of CVEs and PoC's](https://github.com/trickest/cve) +- [Nuclei Templates - Community curated list of templates for the nuclei engine to find security vulnerabilities in applications](https://github.com/projectdiscovery/nuclei-templates) +- [Metasploit Framework](https://github.com/rapid7/metasploit-framework) +- [CVE Details - The ultimate security vulnerability datasource](https://www.cvedetails.com) + ## Big CVEs in the last 5 years. diff --git a/Directory Traversal/README.md b/Directory Traversal/README.md index eea6bfa..5fa1140 100644 --- a/Directory Traversal/README.md +++ b/Directory Traversal/README.md @@ -1,4 +1,4 @@ -# Directory traversal +# Directory Traversal > A directory or path traversal consists in exploiting insufficient security validation / sanitization of user-supplied input file names, so that characters representing "traverse to parent directory" are passed through to the file APIs. diff --git a/GraphQL Injection/README.md b/GraphQL Injection/README.md index 7ce3854..178fc6a 100644 --- a/GraphQL Injection/README.md +++ b/GraphQL Injection/README.md @@ -1,4 +1,4 @@ -# GraphQL injection +# GraphQL Injection > GraphQL is a query language for APIs and a runtime for fulfilling those queries with existing data. A GraphQL service is created by defining types and fields on those types, then providing functions for each field on each type diff --git a/Insecure Deserialization/Node.md b/Insecure Deserialization/Node.md index 8a9147a..b25f3b7 100644 --- a/Insecure Deserialization/Node.md +++ b/Insecure Deserialization/Node.md @@ -1,4 +1,4 @@ -# Node +# Node Deserialization ## Summary diff --git a/Insecure Deserialization/PHP.md b/Insecure Deserialization/PHP.md index 2a46efb..e30689a 100644 --- a/Insecure Deserialization/PHP.md +++ b/Insecure Deserialization/PHP.md 
@@ -1,4 +1,4 @@ -# PHP Object injection +# PHP Deserialization PHP Object Injection is an application level vulnerability that could allow an attacker to perform different kinds of malicious attacks, such as Code Injection, SQL Injection, Path Traversal and Application Denial of Service, depending on the context. The vulnerability occurs when user-supplied input is not properly sanitized before being passed to the unserialize() PHP function. Since PHP allows object serialization, attackers could pass ad-hoc serialized strings to a vulnerable unserialize() call, resulting in an arbitrary PHP object(s) injection into the application scope. diff --git a/Insecure Management Interface/README.md b/Insecure Management Interface/README.md index 31be574..2c7bb95 100644 --- a/Insecure Management Interface/README.md +++ b/Insecure Management Interface/README.md @@ -1,4 +1,4 @@ -# Insecure management interface +# Insecure Management Interface ## Springboot-Actuator diff --git a/Insecure Source Code Management/README.md b/Insecure Source Code Management/README.md index ad83d02..58c0684 100644 --- a/Insecure Source Code Management/README.md +++ b/Insecure Source Code Management/README.md @@ -1,4 +1,4 @@ -# Insecure source code management +# Insecure Source Code Management * [Git](#git) + [Example](#example) diff --git a/LDAP Injection/README.md b/LDAP Injection/README.md index 1894a6e..35ed365 100644 --- a/LDAP Injection/README.md +++ b/LDAP Injection/README.md @@ -1,4 +1,4 @@ -# LDAP injection +# LDAP Injection > LDAP Injection is an attack used to exploit web based applications that construct LDAP statements based on user input. When an application fails to properly sanitize user input, it's possible to modify LDAP statements using a local proxy. diff --git a/NoSQL Injection/README.md b/NoSQL Injection/README.md index 12fbf15..feb3981 100644 --- a/NoSQL Injection/README.md +++ b/NoSQL Injection/README.md 
@@ -1,4 +1,4 @@ -# NoSQL injection +# NoSQL Injection > NoSQL databases provide looser consistency restrictions than traditional SQL databases. By requiring fewer relational constraints and consistency checks, NoSQL databases often offer performance and scaling benefits. Yet these databases are still potentially vulnerable to injection attacks, even if they aren't using the traditional SQL syntax. diff --git a/OAuth/README.md b/OAuth Misconfiguration/README.md similarity index 98% rename from OAuth/README.md rename to OAuth Misconfiguration/README.md index 478f03b..71c0800 100644 --- a/OAuth/README.md +++ b/OAuth Misconfiguration/README.md @@ -1,4 +1,4 @@ -# OAuth +# OAuth Misconfiguration ## Summary diff --git a/SQL Injection/README.md b/SQL Injection/README.md index f582268..0ed8607 100644 --- a/SQL Injection/README.md +++ b/SQL Injection/README.md @@ -1,4 +1,4 @@ -# SQL injection +# SQL Injection > A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application. diff --git a/Server Side Template Injection/README.md b/Server Side Template Injection/README.md index 9d3d392..2673689 100644 --- a/Server Side Template Injection/README.md +++ b/Server Side Template Injection/README.md @@ -1,4 +1,4 @@ -# Templates Injections +# Server Side Template Injection > Template injection allows an attacker to include template code into an existing (or not) template. A template engine makes designing HTML pages easier by using static template files which at runtime replaces variables/placeholders with actual values in the HTML pages diff --git a/Upload Insecure Files/README.md b/Upload Insecure Files/README.md index 03d57bb..f86bd32 100644 --- a/Upload Insecure Files/README.md +++ b/Upload Insecure Files/README.md 
@@ -1,4 +1,4 @@ -# Upload +# Upload Insecure Files > Uploaded files may pose a significant risk if not handled correctly. A remote attacker could send a multipart/form-data POST request with a specially-crafted filename or mime type and execute arbitrary code. diff --git a/Web Cache Deception/README.md b/Web Cache Deception/README.md index 6918db5..4171cd6 100644 --- a/Web Cache Deception/README.md +++ b/Web Cache Deception/README.md @@ -1,4 +1,4 @@ -# Web Cache Deception Attack +# Web Cache Deception ## Tools diff --git a/Web Sockets/README.md b/Web Sockets/README.md index ea11043..f00b8f8 100644 --- a/Web Sockets/README.md +++ b/Web Sockets/README.md @@ -1,17 +1,23 @@ -# Web Sockets Attacks +# Web Sockets > The WebSocket protocol allows a bidirectional and full-duplex communication between a client and a server ## Summary * [Tools](#tools) -* [Using ws-harness.py](#using-ws-harness-py) +* [Exploit](#exploit) + * [Using ws-harness.py](#using-ws-harness-py) +* [Cross-Site WebSocket Hijacking (CSWSH)](#cross-site-websocket-hijacking-cswsh) +* [Labs](#labs) +* [References](#references) ## Tools * [ws-harness.py](https://gist.githubusercontent.com/mfowl/ae5bc17f986d4fcc2023738127b06138/raw/e8e82467ade45998d46cef355fd9b57182c3e269/ws.harness.py) -## Using ws-harness.py +## Exploit + +### Using ws-harness.py Start ws-harness to listen on a web-socket, and specify a message template to send to the endpoint. diff --git a/XPATH Injection/README.md b/XPATH Injection/README.md index 6e0ac6d..026589b 100644 --- a/XPATH Injection/README.md +++ b/XPATH Injection/README.md @@ -1,4 +1,4 @@ -# XPATH injection +# XPATH Injection > XPath Injection is an attack technique used to exploit applications that construct XPath (XML Path Language) queries from user-supplied input to query or navigate XML documents.
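Review bot: in the CRLF Injection/README.md hunk, the new heading `# Carriage Return Line Feed` is the one title in this patch that does not match its directory name (`CRLF Injection`), and it drops the acronym readers actually search for. Suggest `# CRLF Injection` so the normalization stays consistent with the other seventeen files; the added space after `>` on the two quote lines is fine.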
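Review bot: in the CSV Injection/README.md hunk, removing `(Formula Injection)` from the heading deletes the only place the page names the alternative term; the paragraph below speaks of cell contents being "executed" but never says "formula". If the heading must be the plain `# CSV Injection`, consider adding "also known as Formula Injection" to the first sentence so the synonym remains findable.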
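Review bot: in the CVE Exploits/README.md hunk, the added `+` blank line lands directly before an existing blank line, leaving two consecutive blank lines ahead of `## Big CVEs in the last 5 years.`; drop one of them. The three new list entries are also inconsistent: the Nuclei Templates and CVE Details entries carry a description after the dash while `- [Metasploit Framework](https://github.com/rapid7/metasploit-framework)` has none, so give it one in the same format.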
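Review bot: the rename from `OAuth/README.md` to `OAuth Misconfiguration/README.md` changes a path that other documents in the repository may link to, and the diffstat lists no change to a top-level README or index, so any existing link to `OAuth/README.md` would now point at a missing file. Suggest searching the repository for `OAuth/README.md` and updating those references in the same commit.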
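Review bot: in the Web Sockets/README.md hunk, the Summary gains three new entries, `Cross-Site WebSocket Hijacking (CSWSH)`, `Labs` and `References`, but the only headings this patch adds are `## Exploit` and `### Using ws-harness.py`, and no other hunk touches the file. If sections with those exact names do not already exist further down, the three anchors are dangling and should either be backed by sections or dropped from the list. The nested `  * [Using ws-harness.py]` entry matches the new `###` level and reads correctly.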
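Review bot: in the XPATH Injection/README.md hunk, the heading `# XPATH Injection` keeps the all-caps spelling while the first sentence of the same file writes `XPath Injection`, which is the specification's own spelling. Since this commit normalizes titles anyway, consider `# XPath Injection` so the heading and the body agree.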