mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-11-10 07:04:22 +00:00
Normalize Titles
This commit is contained in:
parent
d88e32aaae
commit
6dd5c18b45
18 changed files with 31 additions and 21 deletions
|
@ -1,8 +1,8 @@
|
|||
# CRLF
|
||||
# Carriage Return Line Feed
|
||||
|
||||
>The term CRLF refers to Carriage Return (ASCII 13, \r) Line Feed (ASCII 10, \n). They're used to note the termination of a line, however, dealt with differently in today’s popular Operating Systems. For example: in Windows both a CR and LF are required to note the end of a line, whereas in Linux/UNIX a LF is only required. In the HTTP protocol, the CR-LF sequence is always used to terminate a line.
|
||||
> The term CRLF refers to Carriage Return (ASCII 13, \r) Line Feed (ASCII 10, \n). They're used to note the termination of a line, however, dealt with differently in today’s popular Operating Systems. For example: in Windows both a CR and LF are required to note the end of a line, whereas in Linux/UNIX a LF is only required. In the HTTP protocol, the CR-LF sequence is always used to terminate a line.
|
||||
|
||||
>A CRLF Injection attack occurs when a user manages to submit a CRLF into an application. This is most commonly done by modifying an HTTP parameter or URL.
|
||||
> A CRLF Injection attack occurs when a user manages to submit a CRLF into an application. This is most commonly done by modifying an HTTP parameter or URL.
|
||||
|
||||
## Summary
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# CSV Injection (Formula Injection)
|
||||
# CSV Injection
|
||||
|
||||
Many web applications allow the user to download content such as templates for invoices or user settings to a CSV file. Many users choose to open the CSV file in either Excel, Libre Office or Open Office. When a web application does not properly validate the contents of the CSV file, it could lead to contents of a cell or many cells being executed.
|
||||
|
||||
|
|
|
@ -3,6 +3,10 @@
|
|||
## Tools
|
||||
|
||||
- [Trickest CVE Repository - Automated collection of CVEs and PoC's](https://github.com/trickest/cve)
|
||||
- [Nuclei Templates - Community curated list of templates for the nuclei engine to find security vulnerabilities in applications](https://github.com/projectdiscovery/nuclei-templates)
|
||||
- [Metasploit Framework](https://github.com/rapid7/metasploit-framework)
|
||||
- [CVE Details - The ultimate security vulnerability datasource](https://www.cvedetails.com)
|
||||
|
||||
|
||||
## Big CVEs in the last 5 years.
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# Directory traversal
|
||||
# Directory Traversal
|
||||
|
||||
> A directory or path traversal consists in exploiting insufficient security validation / sanitization of user-supplied input file names, so that characters representing "traverse to parent directory" are passed through to the file APIs.
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# GraphQL injection
|
||||
# GraphQL Injection
|
||||
|
||||
> GraphQL is a query language for APIs and a runtime for fulfilling those queries with existing data. A GraphQL service is created by defining types and fields on those types, then providing functions for each field on each type
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# Node
|
||||
# Node Deserialization
|
||||
|
||||
## Summary
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# PHP Object injection
|
||||
# PHP Deserialization
|
||||
|
||||
PHP Object Injection is an application level vulnerability that could allow an attacker to perform different kinds of malicious attacks, such as Code Injection, SQL Injection, Path Traversal and Application Denial of Service, depending on the context. The vulnerability occurs when user-supplied input is not properly sanitized before being passed to the unserialize() PHP function. Since PHP allows object serialization, attackers could pass ad-hoc serialized strings to a vulnerable unserialize() call, resulting in an arbitrary PHP object(s) injection into the application scope.
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# Insecure management interface
|
||||
# Insecure Management Interface
|
||||
|
||||
## Springboot-Actuator
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# Insecure source code management
|
||||
# Insecure Source Code Management
|
||||
|
||||
* [Git](#git)
|
||||
+ [Example](#example)
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# LDAP injection
|
||||
# LDAP Injection
|
||||
|
||||
> LDAP Injection is an attack used to exploit web based applications that construct LDAP statements based on user input. When an application fails to properly sanitize user input, it's possible to modify LDAP statements using a local proxy.
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# NoSQL injection
|
||||
# NoSQL Injection
|
||||
|
||||
> NoSQL databases provide looser consistency restrictions than traditional SQL databases. By requiring fewer relational constraints and consistency checks, NoSQL databases often offer performance and scaling benefits. Yet these databases are still potentially vulnerable to injection attacks, even if they aren't using the traditional SQL syntax.
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# OAuth
|
||||
# OAuth Misconfiguration
|
||||
|
||||
## Summary
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
# SQL injection
|
||||
# SQL Injection
|
||||
|
||||
> A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application.
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# Templates Injections
|
||||
# Server Side Template Injection
|
||||
|
||||
> Template injection allows an attacker to include template code into an existing (or not) template. A template engine makes designing HTML pages easier by using static template files which at runtime replaces variables/placeholders with actual values in the HTML pages
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# Upload
|
||||
# Upload Insecure Files
|
||||
|
||||
> Uploaded files may pose a significant risk if not handled correctly. A remote attacker could send a multipart/form-data POST request with a specially-crafted filename or mime type and execute arbitrary code.
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# Web Cache Deception Attack
|
||||
# Web Cache Deception
|
||||
|
||||
## Tools
|
||||
|
||||
|
|
|
@ -1,17 +1,23 @@
|
|||
# Web Sockets Attacks
|
||||
# Web Sockets
|
||||
|
||||
> The WebSocket protocol allows a bidirectional and full-duplex communication between a client and a server
|
||||
|
||||
## Summary
|
||||
|
||||
* [Tools](#tools)
|
||||
* [Using ws-harness.py](#using-ws-harness-py)
|
||||
* [Exploit](#exploit)
|
||||
* [Using ws-harness.py](#using-ws-harness-py)
|
||||
* [Cross-Site WebSocket Hijacking (CSWSH)](#cross-site-websocket-hijacking-cswsh)
|
||||
* [Labs](#labs)
|
||||
* [References](#references)
|
||||
|
||||
## Tools
|
||||
|
||||
* [ws-harness.py](https://gist.githubusercontent.com/mfowl/ae5bc17f986d4fcc2023738127b06138/raw/e8e82467ade45998d46cef355fd9b57182c3e269/ws.harness.py)
|
||||
|
||||
## Using ws-harness.py
|
||||
## Exploit
|
||||
|
||||
### Using ws-harness.py
|
||||
|
||||
Start ws-harness to listen on a web-socket, and specify a message template to send to the endpoint.
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# XPATH injection
|
||||
# XPATH Injection
|
||||
|
||||
> XPath Injection is an attack technique used to exploit applications that construct XPath (XML Path Language) queries from user-supplied input to query or navigate XML documents.
|
||||
|
||||
|
|
Loading…
Reference in a new issue