hacktricks/pentesting-web
2023-12-25 00:35:55 +00:00
..
content-security-policy-csp-bypass Translated ['pentesting-web/content-security-policy-csp-bypass/README.md 2023-11-05 22:22:31 +00:00
dangling-markup-html-scriptless-injection Translated ['generic-methodologies-and-resources/pentesting-network/nmap 2023-08-24 09:52:10 +00:00
deserialization Translated ['pentesting-web/deserialization/README.md'] to es 2023-12-21 12:42:06 +00:00
file-inclusion Translated ['pentesting-web/file-inclusion/lfi2rce-via-php-filters.md'] 2023-12-24 19:22:14 +00:00
file-upload Translated ['pentesting-web/file-upload/README.md'] to es 2023-08-29 18:18:32 +00:00
hacking-with-cookies Translated ['pentesting-web/hacking-with-cookies/README.md'] to es 2023-12-25 00:35:55 +00:00
http-request-smuggling Translated ['pentesting-web/http-request-smuggling/README.md'] to es 2023-10-11 21:04:08 +00:00
login-bypass f 2023-06-05 20:33:24 +02:00
oauth-to-account-takeover f 2023-06-05 20:33:24 +02:00
pocs-and-polygloths-cheatsheet f 2023-06-05 20:33:24 +02:00
postmessage-vulnerabilities Translated ['1911-pentesting-fox.md', 'README.md', 'ctf-write-ups/try-ha 2023-06-07 04:36:55 +00:00
saml-attacks Translated ['1911-pentesting-fox.md', 'README.md', 'ctf-write-ups/try-ha 2023-06-07 04:36:55 +00:00
sql-injection Translated ['pentesting-web/sql-injection/oracle-injection.md'] to es 2023-08-31 17:35:05 +00:00
ssrf-server-side-request-forgery Translated ['README.md', 'backdoors/salseo.md', 'forensics/basic-forensi 2023-12-16 14:31:06 +00:00
ssti-server-side-template-injection Translated ['pentesting-web/ssti-server-side-template-injection/README.m 2023-07-11 13:30:02 +00:00
unicode-injection Translated ['1911-pentesting-fox.md', 'README.md', 'ctf-write-ups/try-ha 2023-06-07 04:36:55 +00:00
web-vulnerabilities-methodology Translated ['mobile-pentesting/android-app-pentesting/webview-attacks.md 2023-10-27 15:54:47 +00:00
xs-search Translated ['pentesting-web/xs-search/css-injection/README.md'] to es 2023-12-11 10:13:58 +00:00
xss-cross-site-scripting Translated ['linux-hardening/privilege-escalation/electron-cef-chromium- 2023-10-27 16:24:02 +00:00
2fa-bypass.md Translated ['mobile-pentesting/android-app-pentesting/README.md', 'mobil 2023-10-05 10:13:39 +00:00
abusing-hop-by-hop-headers.md f 2023-06-05 20:33:24 +02:00
account-takeover.md f 2023-06-05 20:33:24 +02:00
bypass-payment-process.md Translated ['generic-methodologies-and-resources/exfiltration.md', 'gene 2023-09-03 01:16:15 +00:00
cache-deception.md Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2023-09-28 19:22:43 +00:00
captcha-bypass.md Translated ['README.md', 'generic-methodologies-and-resources/pentesting 2023-07-30 22:48:53 +00:00
clickjacking.md Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2023-09-28 19:22:43 +00:00
client-side-path-traversal.md f 2023-06-05 20:33:24 +02:00
client-side-template-injection-csti.md f 2023-06-05 20:33:24 +02:00
command-injection.md Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2023-09-28 19:22:43 +00:00
cors-bypass.md f 2023-06-05 20:33:24 +02:00
crlf-0d-0a.md Translated ['README.md', 'backdoors/salseo.md', 'forensics/basic-forensi 2023-12-16 14:31:06 +00:00
cross-site-websocket-hijacking-cswsh.md Translated ['README.md', 'generic-methodologies-and-resources/pentesting 2023-07-30 22:48:53 +00:00
csrf-cross-site-request-forgery.md Translated ['generic-methodologies-and-resources/pentesting-network/nmap 2023-08-24 09:52:10 +00:00
dangling-markup-html-scriptless-injection.md f 2023-06-05 20:33:24 +02:00
dependency-confusion.md f 2023-06-05 20:33:24 +02:00
domain-subdomain-takeover.md Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2023-09-28 19:22:43 +00:00
email-injections.md Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2023-09-28 19:22:43 +00:00
file-upload.md Translated ['pentesting-web/file-upload.md'] to es 2023-10-11 21:30:46 +00:00
formula-csv-doc-latex-ghostscript-injection.md Translated ['mobile-pentesting/android-app-pentesting/webview-attacks.md 2023-10-27 15:54:47 +00:00
formula-doc-latex-injection.md Translated ['generic-methodologies-and-resources/exfiltration.md', 'gene 2023-09-03 01:16:15 +00:00
grpc-web-pentest.md Translated ['pentesting-web/grpc-web-pentest.md'] to es 2023-12-24 19:04:14 +00:00
h2c-smuggling.md Translated ['generic-methodologies-and-resources/exfiltration.md', 'gene 2023-09-03 01:16:15 +00:00
hacking-jwt-json-web-tokens.md Translated ['pentesting-web/hacking-jwt-json-web-tokens.md'] to es 2023-08-24 11:21:47 +00:00
http-connection-contamination.md f 2023-06-05 20:33:24 +02:00
http-connection-request-smuggling.md f 2023-06-05 20:33:24 +02:00
http-response-smuggling-desync.md Translated ['1911-pentesting-fox.md', 'README.md', 'ctf-write-ups/try-ha 2023-06-07 04:36:55 +00:00
idor.md f 2023-06-05 20:33:24 +02:00
integer-overflow.md f 2023-06-05 20:33:24 +02:00
ldap-injection.md f 2023-06-05 20:33:24 +02:00
nosql-injection.md Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2023-09-28 19:22:43 +00:00
oauth-to-account-takeover.md Translated ['pentesting-web/oauth-to-account-takeover.md'] to es 2023-06-13 09:29:34 +00:00
open-redirect.md f 2023-06-05 20:33:24 +02:00
parameter-pollution.md Translated ['pentesting-web/content-security-policy-csp-bypass/README.md 2023-08-02 15:25:14 +00:00
phone-number-injections.md f 2023-06-05 20:33:24 +02:00
proxy-waf-protections-bypass.md Translated ['mobile-pentesting/android-app-pentesting/frida-tutorial/owa 2023-10-26 14:33:39 +00:00
race-condition.md Translated ['README.md', 'backdoors/salseo.md', 'forensics/basic-forensi 2023-12-16 14:31:06 +00:00
rate-limit-bypass.md Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2023-09-28 19:22:43 +00:00
registration-vulnerabilities.md f 2023-06-05 20:33:24 +02:00
regular-expression-denial-of-service-redos.md f 2023-06-05 20:33:24 +02:00
reset-password.md Translated ['README.md', 'generic-methodologies-and-resources/pentesting 2023-07-31 17:59:00 +00:00
reverse-tab-nabbing.md f 2023-06-05 20:33:24 +02:00
server-side-inclusion-edge-side-inclusion-injection.md Translated ['backdoors/salseo.md', 'generic-methodologies-and-resources/ 2023-06-14 11:51:06 +00:00
web-tool-wfuzz.md f 2023-06-05 20:33:24 +02:00
websocket-attacks.md Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2023-10-15 15:35:14 +00:00
xpath-injection.md Translated ['README.md', 'generic-methodologies-and-resources/pentesting 2023-07-31 17:59:00 +00:00
xs-search.md Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2023-09-28 19:22:43 +00:00
xslt-server-side-injection-extensible-stylesheet-languaje-transformations.md f 2023-06-05 20:33:24 +02:00
xssi-cross-site-script-inclusion.md f 2023-06-05 20:33:24 +02:00
xxe-xee-xml-external-entity.md f 2023-06-05 20:33:24 +02:00