| .github | Github Action - Markdown Linting for PR | 2024-11-13 12:29:42 +01:00 |
| _LEARNING_AND_SOCIALS | Update YOUTUBE.md - Fix markdown style | 2025-02-09 21:27:49 +01:00 |
| _template_vuln | Update _template_vuln page | 2024-11-13 13:39:19 +01:00 |
| Account Takeover | Fix markdown style issues in Account Takeover | 2024-11-13 15:30:33 +01:00 |
| API Key Leaks | API Key rework | 2024-11-18 18:26:58 +01:00 |
| Business Logic Errors | Normalize page header for CSRF, DNS, DOS, Dependencies | 2024-11-10 11:18:46 +01:00 |
| Clickjacking | Path Traversal + CSV Injection | 2024-11-28 21:36:01 +01:00 |
| Client Side Path Traversal | Lightyear tool - PHP wrappers | 2025-01-22 16:38:16 +01:00 |
| Command Injection | System prompt + Arg injection + Disclaimer | 2025-01-14 22:26:29 +01:00 |
| CORS Misconfiguration | Path Traversal + CSV Injection | 2024-11-28 21:36:01 +01:00 |
| CRLF Injection | SSTI - SpEL | 2024-11-25 13:56:29 +01:00 |
| Cross-Site Request Forgery | Path Traversal + CSV Injection | 2024-11-28 21:36:01 +01:00 |
| CSV Injection | csv injection: google sheets formulas | 2024-12-04 17:11:36 +01:00 |
| CVE Exploits | Normalize page header for CSRF, DNS, DOS, Dependencies | 2024-11-10 11:18:46 +01:00 |
| Denial of Service | Normalize page header for CSRF, DNS, DOS, Dependencies | 2024-11-10 11:18:46 +01:00 |
| Dependency Confusion | System prompt + Arg injection + Disclaimer | 2025-01-14 22:26:29 +01:00 |
| Directory Traversal | LFI/RFI pages | 2024-11-29 11:52:51 +01:00 |
| DNS Rebinding | LFI/RFI pages | 2024-11-29 11:52:51 +01:00 |
| DOM Clobbering | LFI/RFI pages | 2024-11-29 11:52:51 +01:00 |
| File Inclusion | Lightyear tool - PHP wrappers | 2025-01-22 16:38:16 +01:00 |
| Google Web Toolkit | Normalize page header for GraphQL, Deserialization, SCM | 2024-11-10 14:37:48 +01:00 |
| GraphQL Injection | GraphQL + HPP | 2024-11-29 13:49:54 +01:00 |
| Headless Browser | GraphQL + HPP | 2024-11-29 13:49:54 +01:00 |
| Hidden Parameters | Normalize page header for GraphQL, Deserialization, SCM | 2024-11-10 14:37:48 +01:00 |
| HTTP Parameter Pollution | GraphQL + HPP | 2024-11-29 13:49:54 +01:00 |
| Insecure Deserialization | LDAP + LaTeX + Management Interface | 2024-11-29 18:09:59 +01:00 |
| Insecure Direct Object References | LDAP + LaTeX + Management Interface | 2024-11-29 18:09:59 +01:00 |
| Insecure Management Interface | LDAP + LaTeX + Management Interface | 2024-11-29 18:09:59 +01:00 |
| Insecure Randomness | Normalize page header for GraphQL, Deserialization, SCM | 2024-11-10 14:37:48 +01:00 |
| Insecure Source Code Management | LDAP + LaTeX + Management Interface | 2024-11-29 18:09:59 +01:00 |
| Java RMI | Fix invalid spaces indents | 2024-11-13 14:08:26 +01:00 |
| JSON Web Token | LDAP + LaTeX + Management Interface | 2024-11-29 18:09:59 +01:00 |
| LaTeX Injection | LDAP + LaTeX + Management Interface | 2024-11-29 18:09:59 +01:00 |
| LDAP Injection | LDAP + LaTeX + Management Interface | 2024-11-29 18:09:59 +01:00 |
| Mass Assignment | NoSQL + Open Redirect | 2024-11-29 22:08:58 +01:00 |
| Methodology and Resources | Normalize page header for JWT, LDAP, LaTeX, OAuth, ORM | 2024-11-10 15:28:12 +01:00 |
| NoSQL Injection | NoSQL + Open Redirect | 2024-11-29 22:08:58 +01:00 |
| OAuth Misconfiguration | NoSQL + Open Redirect | 2024-11-29 22:08:58 +01:00 |
| Open Redirect | NoSQL + Open Redirect | 2024-11-29 22:08:58 +01:00 |
| ORM Leak | Indirect Prompt Injection | 2024-11-29 23:39:17 +01:00 |
| Prompt Injection | System prompt + Arg injection + Disclaimer | 2025-01-14 22:26:29 +01:00 |
| Prototype Pollution | Regex + SSRF | 2024-11-30 19:48:32 +01:00 |
| Race Condition | Regex + SSRF | 2024-11-30 19:48:32 +01:00 |
| Regular Expression | Regex + SSRF | 2024-11-30 19:48:32 +01:00 |
| Request Smuggling | Regex + SSRF | 2024-11-30 19:48:32 +01:00 |
| SAML Injection | Normalize page header for SSTI, SAML, SSI | 2024-11-10 19:14:16 +01:00 |
| Server Side Include Injection | Edge Side Inclusion | 2024-11-18 16:51:28 +01:00 |
| Server Side Request Forgery | Regex + SSRF | 2024-11-30 19:48:32 +01:00 |
| Server Side Template Injection | XPATH + XSS + XXE + XSLT | 2024-11-30 21:14:51 +01:00 |
| SQL Injection | UUID_TO_BIN SQLi Error Based | 2025-01-25 11:49:15 +01:00 |
| Tabnabbing | Normalize page header for SQLi, Upload, Cache Deception | 2024-11-10 20:49:52 +01:00 |
| Type Juggling | XPATH + XSS + XXE + XSLT | 2024-11-30 21:14:51 +01:00 |
| Upload Insecure Files | PHP tricks and webshells | 2025-02-09 20:24:21 +01:00 |
| Web Cache Deception | XPATH + XSS + XXE + XSLT | 2024-11-30 21:14:51 +01:00 |
| Web Sockets | Normalize page header for Web Socket, XSLT, XSS, XXE | 2024-11-10 21:15:44 +01:00 |
| XPATH Injection | XPATH + XSS + XXE + XSLT | 2024-11-30 21:14:51 +01:00 |
| XSLT Injection | XPATH + XSS + XXE + XSLT | 2024-11-30 21:14:51 +01:00 |
| XSS Injection | XPATH + XSS + XXE + XSLT | 2024-11-30 21:14:51 +01:00 |
| XXE Injection | XPATH + XSS + XXE + XSLT | 2024-11-30 21:14:51 +01:00 |
| Zip Slip | XPATH + XSS + XXE + XSLT | 2024-11-30 21:14:51 +01:00 |
| .gitignore | YAML Deserialization | 2022-09-16 16:37:40 +02:00 |
| CONTRIBUTING.md | CONTRIBUTING page updates - adding rules | 2024-11-13 14:24:09 +01:00 |
| custom.css | CSS - Update style color + Blind SQL Oracle | 2023-12-10 13:27:21 +01:00 |
| DISCLAIMER.md | System prompt + Arg injection + Disclaimer | 2025-01-14 22:26:29 +01:00 |
| LICENSE | Create License | 2019-05-25 16:27:35 +02:00 |
| mkdocs.yml | SSTI references updates | 2024-11-03 20:54:01 +01:00 |
| README.md | Fix typos | 2024-09-16 18:05:54 +02:00 |