hacktricks/pentesting-web
2024-11-12 12:21:09 +00:00
..
browser-extension-pentesting-methodology Translated ['binary-exploitation/libc-heap/README.md', 'binary-exploitat 2024-09-16 20:59:55 +00:00
cache-deception Translated ['network-services-pentesting/pentesting-smtp/smtp-smuggling. 2024-08-18 11:01:13 +00:00
content-security-policy-csp-bypass Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 15:59:20 +00:00
dangling-markup-html-scriptless-injection Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 15:59:20 +00:00
deserialization Translated ['mobile-pentesting/xamarin-apps.md', 'pentesting-web/deseria 2024-11-05 23:48:13 +00:00
file-inclusion Translated ['README.md', 'generic-methodologies-and-resources/python/byp 2024-11-09 13:47:43 +00:00
file-upload Translated ['binary-exploitation/format-strings/README.md', 'binary-expl 2024-11-12 12:18:24 +00:00
hacking-with-cookies Translated ['binary-exploitation/format-strings/README.md', 'binary-expl 2024-11-12 12:18:24 +00:00
http-request-smuggling Translated ['README.md', 'generic-methodologies-and-resources/python/byp 2024-11-09 13:47:43 +00:00
login-bypass Translated ['README.md', 'generic-methodologies-and-resources/python/byp 2024-11-09 13:47:43 +00:00
oauth-to-account-takeover Translated ['forensics/basic-forensic-methodology/partitions-file-system 2024-02-05 02:56:36 +00:00
pocs-and-polygloths-cheatsheet Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:11:43 +00:00
postmessage-vulnerabilities Translated ['README.md', 'crypto-and-stego/hash-length-extension-attack. 2024-09-04 13:29:40 +00:00
saml-attacks Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 15:59:20 +00:00
sql-injection Translated ['binary-exploitation/format-strings/README.md', 'binary-expl 2024-11-12 12:18:24 +00:00
ssrf-server-side-request-forgery Translated ['generic-methodologies-and-resources/python/bypass-python-sa 2024-11-12 10:21:21 +00:00
ssti-server-side-template-injection Translated ['binary-exploitation/format-strings/README.md', 'binary-expl 2024-11-12 12:18:24 +00:00
unicode-injection Translated ['README.md', 'crypto-and-stego/hash-length-extension-attack. 2024-09-04 13:29:40 +00:00
web-vulnerabilities-methodology Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:11:43 +00:00
xs-search Translated ['README.md', 'crypto-and-stego/hash-length-extension-attack. 2024-09-04 13:29:40 +00:00
xss-cross-site-scripting Translated ['binary-exploitation/format-strings/README.md', 'binary-expl 2024-11-12 12:18:24 +00:00
2fa-bypass.md Translated ['README.md', 'crypto-and-stego/hash-length-extension-attack. 2024-09-04 13:29:40 +00:00
abusing-hop-by-hop-headers.md Translated ['generic-methodologies-and-resources/python/bypass-python-sa 2024-10-01 14:40:33 +00:00
account-takeover.md Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00
bypass-payment-process.md Translated ['README.md', 'crypto-and-stego/hash-length-extension-attack. 2024-09-04 13:29:40 +00:00
cache-deception.md Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-29 21:06:45 +00:00
captcha-bypass.md Translated ['pentesting-web/captcha-bypass.md'] to cn 2024-09-09 14:54:23 +00:00
clickjacking.md Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 15:59:20 +00:00
client-side-path-traversal.md Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:11:43 +00:00
client-side-template-injection-csti.md Translated ['README.md', 'crypto-and-stego/hash-length-extension-attack. 2024-09-04 13:29:40 +00:00
command-injection.md Translated ['README.md', 'generic-methodologies-and-resources/python/byp 2024-11-09 13:47:43 +00:00
cors-bypass.md Translated ['generic-methodologies-and-resources/python/bypass-python-sa 2024-11-12 10:21:21 +00:00
crlf-0d-0a.md Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 15:59:20 +00:00
cross-site-websocket-hijacking-cswsh.md Translated to Chinese 2023-08-03 19:12:22 +00:00
csrf-cross-site-request-forgery.md Translated ['binary-exploitation/libc-heap/README.md', 'binary-exploitat 2024-09-16 20:59:55 +00:00
dangling-markup-html-scriptless-injection.md Translated to Chinese 2023-08-03 19:12:22 +00:00
dependency-confusion.md Translated ['crypto-and-stego/cryptographic-algorithms/unpacking-binarie 2024-07-19 04:51:22 +00:00
domain-subdomain-takeover.md Translated ['pentesting-web/domain-subdomain-takeover.md'] to cn 2024-10-29 14:00:31 +00:00
email-injections.md Translated ['pentesting-web/email-injections.md', 'todo/emails-vulns.md' 2024-08-19 15:46:18 +00:00
file-upload.md Translated ['pentesting-web/file-upload.md'] to cn 2023-10-11 21:30:53 +00:00
formula-csv-doc-latex-ghostscript-injection.md Translated ['README.md', 'crypto-and-stego/hash-length-extension-attack. 2024-09-04 13:29:40 +00:00
formula-doc-latex-injection.md Translated ['generic-methodologies-and-resources/exfiltration.md', 'gene 2023-09-03 01:34:43 +00:00
grpc-web-pentest.md Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:11:43 +00:00
h2c-smuggling.md Translated ['README.md', 'crypto-and-stego/hash-length-extension-attack. 2024-09-04 13:29:40 +00:00
hacking-jwt-json-web-tokens.md Translated ['binary-exploitation/format-strings/README.md', 'binary-expl 2024-11-12 12:18:24 +00:00
http-connection-contamination.md Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:11:43 +00:00
http-connection-request-smuggling.md Translated ['binary-exploitation/basic-stack-binary-exploitation-methodo 2024-07-18 22:08:20 +00:00
http-response-smuggling-desync.md Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 15:59:20 +00:00
idor.md Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:11:43 +00:00
iframe-traps.md Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 15:59:20 +00:00
integer-overflow.md Translated ['mobile-pentesting/ios-pentesting/ios-protocol-handlers.md', 2024-02-09 08:09:21 +00:00
ldap-injection.md Translated ['binary-exploitation/format-strings/README.md', 'binary-expl 2024-11-12 12:18:24 +00:00
nosql-injection.md Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 15:59:20 +00:00
oauth-to-account-takeover.md Translated ['mobile-pentesting/android-app-pentesting/apk-decompilers.md 2024-11-05 18:07:21 +00:00
open-redirect.md Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 15:59:20 +00:00
orm-injection.md Translated ['pentesting-web/orm-injection.md'] to cn 2024-07-30 11:02:15 +00:00
parameter-pollution.md Translated ['pentesting-web/parameter-pollution.md'] to cn 2024-11-12 12:21:09 +00:00
phone-number-injections.md Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 15:59:20 +00:00
proxy-waf-protections-bypass.md Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 15:59:20 +00:00
race-condition.md Translated ['pentesting-web/race-condition.md'] to cn 2024-08-18 15:56:41 +00:00
rate-limit-bypass.md Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 15:59:20 +00:00
registration-vulnerabilities.md Translated ['README.md', 'crypto-and-stego/hash-length-extension-attack. 2024-09-04 13:29:40 +00:00
regular-expression-denial-of-service-redos.md Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:11:43 +00:00
reset-password.md Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 15:59:20 +00:00
reverse-tab-nabbing.md Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:11:43 +00:00
server-side-inclusion-edge-side-inclusion-injection.md Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:11:43 +00:00
timing-attacks.md Translated ['pentesting-web/timing-attacks.md'] to cn 2024-08-21 13:47:27 +00:00
uuid-insecurities.md Translated ['pentesting-web/uuid-insecurities.md'] to cn 2024-08-12 14:43:53 +00:00
web-tool-wfuzz.md Translated ['pentesting-web/sql-injection/README.md', 'pentesting-web/sq 2024-09-08 10:51:43 +00:00
web-vulnerabilities-methodology.md Translated ['README.md', 'generic-methodologies-and-resources/python/byp 2024-11-09 13:47:43 +00:00
websocket-attacks.md Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:11:43 +00:00
xpath-injection.md Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 15:59:20 +00:00
xs-search.md Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 15:59:20 +00:00
xslt-server-side-injection-extensible-stylesheet-language-transformations.md Translated ['crypto-and-stego/cryptographic-algorithms/unpacking-binarie 2024-07-19 04:51:22 +00:00
xslt-server-side-injection-extensible-stylesheet-languaje-transformations.md Translated to Chinese 2023-08-03 19:12:22 +00:00
xssi-cross-site-script-inclusion.md Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:11:43 +00:00
xxe-xee-xml-external-entity.md Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 15:59:20 +00:00