Commit graph

2034 commits

Author SHA1 Message Date
Swissky
801aecb2ba GraphQL + HPP 2024-11-29 13:49:54 +01:00
Swissky
e6466b4cf9 LFI/RFI pages 2024-11-29 11:52:51 +01:00
Swissky
a16f8a6de1 Path Traversal + CSV Injection 2024-11-28 21:36:01 +01:00
Swissky
57f7c8ddad ViewState Java 2024-11-27 15:29:33 +01:00
Swissky
9425cec068 Handlebars - Basic Injection 2024-11-25 18:42:36 +01:00
Swissky
6bfad6a84d SSTI - SpEL 2024-11-25 13:56:29 +01:00
Swissky
35109b4154 CORS and CRLF updates 2024-11-24 13:44:55 +01:00
Swissky
4e03772f4a API Key rework 2024-11-18 18:26:58 +01:00
Swissky
0108d01571 Edge Side Inclusion 2024-11-18 16:51:28 +01:00
Swissky
98cfc9ce8c XXE Error Based Local DTD 2024-11-18 12:41:35 +01:00
Swissky
846706b87d XXE on JSON Endpoints 2024-11-18 10:43:39 +01:00
Swissky
9932059563 YAML Deserialization 2024-11-17 20:48:10 +01:00
Swissky
b98f8ca587 DB2 Injection updates 2024-11-17 18:37:07 +01:00
Swissky
3c5bab0338 SQL - File Manipulation and Error Based Injection 2024-11-16 18:49:01 +01:00
Swissky
9a908a15d2 MSSQL, OracleSQL, PostgreSQL Substring Equivalent 2024-11-16 15:35:43 +01:00
Swissky
67af38aa4e SQL Injections - Updates for MSSQL, Oracle, PostgreSQL 2024-11-15 23:56:04 +01:00
Swissky
f57d0813ca SQL - MySQL Page Cleanup 2024-11-15 18:42:58 +01:00
Swissky
cde11da0c7 SQL Injection - Methodology 2024-11-15 14:48:58 +01:00
Swissky
8bc33f8bb7 Fix markdown style issues in Account Takeover 2024-11-13 15:30:33 +01:00
Swissky
a6b3b9dd05 CONTRIBUTING page updates - adding rules 2024-11-13 14:24:09 +01:00
Swissky
f333d48960 Fix invalid spaces indents 2024-11-13 14:08:26 +01:00
Swissky
dc349c10c3 Update _template_vuln page 2024-11-13 13:39:19 +01:00
Swissky
d6ce9cd317 Github Action - Markdown Linting for PR 2024-11-13 12:29:42 +01:00
Swissky
118924f291 Challenges added for CRLF, Command Injection, File Inclusion 2024-11-12 19:01:34 +01:00
Swissky
0a5ecc407c Normalize page header for Web Socket, XSLT, XSS, XXE 2024-11-10 21:15:44 +01:00
Swissky
48a4e5c95b Normalize page header for SQLi, Upload, Cache Deception 2024-11-10 20:49:52 +01:00
Swissky
a338b2f12a Normalize page header for SSTI, SAML, SSI 2024-11-10 19:14:16 +01:00
Swissky
1a3e605d64 Normalize page header for JWT, LDAP, LaTeX, OAuth, ORM 2024-11-10 15:28:12 +01:00
Swissky
2304101657 Normalize page header for GraphQL, Deserialization, SCM 2024-11-10 14:37:48 +01:00
Swissky
2deb20a6f1 Normalize page header for CSRF, DNS, DOS, Dependencies 2024-11-10 11:18:46 +01:00
Swissky
d80f73a829 Normalize page header for API, CSPT, CORS, CSRF 2024-11-09 23:01:39 +01:00
Swissky
c82cd6408a Renaming Subdomain Enumeration to Web Attack Surface 2024-11-09 12:38:35 +01:00
Swissky
70fb63a9bf Merge pull request #756 from Fisjkars/patch-1 Add CVE-2023–5123 in CSPT2CSRF real world scenario 2024-11-08 22:20:45 +01:00
Swissky
4f0e6334bd References updated for XSS + page split in subcategories 2024-11-08 18:23:43 +01:00
Maxime Escourbiac
5c60cd7b61 Add CVE-2023–5123 in CSPT2CSRF real world scenario 2024-11-08 15:09:08 +01:00
Swissky
37641d2b9e References updated for XPATH, XSLT, XXE, Web Socket 2024-11-07 23:50:30 +01:00
Swissky
b2bb1df9a9 References added for SQLi, Upload, SSTI, Type Juggling 2024-11-07 20:54:16 +01:00
Swissky
ffa5ea764a Merge pull request #755 from n3rada/patch-1 PostgreSQL privilege list update 2024-11-07 18:42:46 +01:00
Swissky
df8d4d7f27 References updated for SAML, SSI, SSRF 2024-11-07 18:31:21 +01:00
Swissky
9ed40edfca References updated for NoSQL, OAuth, ORM, Prompt, RegEx 2024-11-07 16:20:58 +01:00
n3rada
a590290016 PostgreSQL privilege list update 2024-11-07 15:12:58 +01:00
Swissky
b80b72d3a3 References updated for JWT, RMI, LDAP, LaTeX 2024-11-07 14:50:52 +01:00
Swissky
ccffaa5019 References updated for IDOR, Randomness and SCM 2024-11-07 12:17:38 +01:00
Swissky
7e390265a0 References added for GWT, GraphQL, HTTP, Headless 2024-11-06 23:32:18 +01:00
Swissky
e47391b12b References updated for Dom Clobbering, File Inclusion 2024-11-05 17:29:15 +01:00
Swissky
e138308d3d References updated for CORS CRLF CSV 2024-11-04 18:00:07 +01:00
Swissky
4dc409d31e References updated for API, Business, Clickjacking, CSPT, Command Injection 2024-11-04 16:35:24 +01:00
Swissky
138fbd97f9 Account Takeover References 2024-11-03 21:22:14 +01:00
Swissky
21dfd91180 SSTI references updates 2024-11-03 20:54:01 +01:00
Swissky
51fe542992 nested_indent in mkdocs 2024-11-03 17:36:19 +01:00