Ecosyste.ms: Awesome
awesome-web-security
https://github.com/Sup4ch0k3/awesome-web-security
Resources
FTP Injection
- SMTP over XXE - how to send emails using Java's XML parser - Written by [Alexander Klink](https://shiftordie.de/).
- Advisory: Java/Python FTP Injections Allow for Firewall Bypass - Written by [Timothy Morgan](https://plus.google.com/105917618099766831589).
XXE - XML eXternal Entity
- A simple explanation and test of XXE vulnerabilities - Written by [@b1ngz](https://b1ngz.github.io/).
- XXE - Written by [@phonexicum](https://twitter.com/phonexicum).
Books
- Security Geek 2016 - Part. B - Written by [360网络攻防实验室](http://bobao.360.cn/).
- Security Geek 2017 - Q1 - Written by [360网络攻防实验室](http://bobao.360.cn/).
- Security Geek 2016 - Part. A - Written by [360网络攻防实验室](http://bobao.360.cn/).
- Security Geek 2017 - Q2 - Written by [360网络攻防实验室](http://bobao.360.cn/).
XSS - Cross-Site Scripting
- H5SC - HTML5 Security Cheatsheet - Collection of HTML5 related XSS attack vectors by [@cure53](https://github.com/cure53).
- XSS.png - XSS mind map by [@jackmasa](https://github.com/jackmasa).
- C.XSS Guide - Comprehensive tutorial on cross-site scripting by [@JakobKallin](https://github.com/JakobKallin) and [Irene Lobo Valbuena](https://www.linkedin.com/in/irenelobovalbuena/).
AWS
- PENETRATION TESTING AWS STORAGE: KICKING THE S3 BUCKET - Written by Dwight Hohnstein from [Rhino Security Labs](https://rhinosecuritylabs.com/).
CSRF - Cross-Site Request Forgery
- Let's talk about CSRF - Written by [TechBridge](http://blog.techbridge.cc/).
- Wiping Out CSRF - Written by [Joe Rozner](https://medium.com/@jrozner).
SSRF - Server-Side Request Forgery
- SSRF bible. Cheatsheet - Written by [@Wallarm](https://twitter.com/wallarm).
Rails
- The risks of dynamic template paths in Rails - Written by [Shaolin](http://devco.re/blog/author/shaolin/).
SSL/TLS
- SSL & TLS Penetration Testing - Written by [APTIVE](https://www.aptive.co.uk/).
Webmail
- Webmail-Hacking - Written by [千域千寻](http://blog.csdn.net/f1n4lly/).
Tips
- Infosec Newbie - Written by [Mark Robinson](https://www.sneakymonkey.net/).
- Got Your PW - Written by [@s3131212](https://github.com/s3131212).
CSV Injection
- CSV Injection -> Meterpreter on Pornhub - Written by [Andy](https://blog.zsec.uk/).
- The Absurdly Underestimated Dangers of CSV Injection - Written by [George Mauer](http://georgemauer.net/).
ORM Injection
- HQL for pentesters - Written by [@h3xstream](https://twitter.com/h3xstream/).
- HQL: Hyperinsane Query Language (or how to access the whole SQL API within a HQL injection?) - Written by [@_m0bius](https://twitter.com/_m0bius).
- ORM2Pwn: Exploiting injections in Hibernate ORM - Written by [Mikhail Egorov](https://0ang3el.blogspot.tw/).
- ORM Injection - Written by [Simone Onofri](https://onofri.org/).
Crypto
- Applied Crypto Hardening - Written by [The bettercrypto.org Team](https://bettercrypto.org/).
Forums
- 指尖安全 - Specialised Internet security media outlet by 指尖安全.
- T00LS - Keep a low profile while growing, study security quietly.
- Paper - The essence of security techniques - Knowledge base for hacking technology built by 404 Team from [knownsec](https://www.knownsec.com/).
- Drops (backup) - Drops was known as a famous knowledge base for hacking technology.
- HackDig - Dig high-quality web security articles for hackers.
- 安全客 - Thoughtful new security media by [360网络攻防实验室](https://m.weibo.cn/u/5738163260).
- Freebuf - Freebuf is the most popular forum in China for exchanging and sharing hacking technology.
- 安全脉搏 - Blog for security things.
Evasions
WAF
- Airbnb – When Bypassing JSON Encoding, XSS Filter, WAF, CSP, and Auditor turns into Eight Vulnerabilities - Written by [@Brett Buerhaus](https://twitter.com/bbuerhaus).
Authentication
- Trend Micro Threat Discovery Appliance - Session Generation Authentication Bypass (CVE-2016-8584) - Written by [@malerisch](https://twitter.com/malerisch) and [@steventseeley](https://twitter.com/steventseeley).
- Yahoo Bug Bounty: Chaining 3 Minor Issues To Takeover Flickr Accounts - Written by [Mishre](http://blog.mish.re/).
Tricks
Remote Code Execution
- Bypassing eval length limits && new features in PHP 5.6 - Written by [PHITHON](https://www.leavesongs.com/).
- Exploiting Node.js deserialization bug for Remote Code Execution - Written by [OpSecX](https://opsecx.com/index.php/author/ajinabraham/).
- DRUPAL 7.X SERVICES MODULE UNSERIALIZE() TO RCE - Written by [Ambionics Security](https://www.ambionics.io/).
- How we exploited a remote code execution vulnerability in math.js - Written by [@capacitorset](https://github.com/capacitorset).
- GitHub Enterprise Remote Code Execution - Written by [@iblue](https://github.com/iblue).
- How I Hacked into a PayPal's Server - Unrestricted File Upload to Remote Code Execution - Written by [Vikas Anil Sharma](http://blog.pentestbegins.com/).
SQL Injection
- MySQL injection without using commas - Written by [jinglingshu](http://www.jinglingshu.org/?p=2220).
- MySQL Error Based SQL Injection Using EXP - Written by [@osandamalith](https://twitter.com/osandamalith).
- SQL injection in an UPDATE query - a bug bounty story! - Written by [Zombiehelp54](http://zombiehelp54.blogspot.jp/).
- Countering every move: common methods to bypass a WAF and continue SQL injection - Written by [mikey](http://www.freebuf.com/author/mikey).
- GitHub Enterprise SQL Injection - Written by [Orange](http://blog.orange.tw/).
URL
- URL Hacking - front-end dirty tricks - Written by [0x_Jin](http://xssec.lofter.com/).
- Some Problems Of URLs - Written by [Chris Palmer](https://noncombatant.org/about/).
- Phishing with Unicode Domains - Written by [Xudong Zheng](https://www.xudongz.com/).
- Unicode Domains are bad and you should feel bad for supporting them - Written by [VGRSEC](https://www.vgrsec.com/).
Others
- Always losing at CTF? You're still missing some tricks! - Written by [PHITHON](https://www.leavesongs.com/).
- Covert attacks: Domain Fronting - Written by [Evi1cg](https://evi1cg.me/).
- How I hacked Google's bug tracking system itself for $15,600 in bounties - Written by [@alex.birsan](https://medium.freecodecamp.org/@alex.birsan).
- Some Tricks From My Secret Group - Written by [PHITHON](https://www.leavesongs.com/).
- Uber Bug Bounty: Gaining Access To An Internal Chat System - Written by [MISHRE](http://blog.mish.re/).
XSS
- - Written by [Marin Moulinier](https://medium.com/@marin_m).
- DON'T TRUST THE DOM: BYPASSING XSS MITIGATIONS VIA SCRIPT GADGETS - Written by [Sebastian Lekies](https://twitter.com/slekies), [Krzysztof Kotowicz](https://twitter.com/kkotowicz), and [Eduardo Vela](https://twitter.com/sirdarckcat).
- Uber XSS via Cookie - Written by [zhchbin](http://zhchbin.github.io/).
- DOM XSS – auth.uber.com - Written by [StamOne_](http://stamone-bug-bounty.blogspot.tw/).
NoSQL Injection
- GraphQL NoSQL Injection Through JSON Types - Written by [@east5th](https://medium.com/@east5th).
FTP Injection
- XML Out-Of-Band Data Retrieval - Written by [@a66at](https://twitter.com/a66at) and Alexey Osipov.
SSRF
- SSRF in https://imgur.com/vidgif/url - Written by [aesteral](https://hackerone.com/aesteral).
- A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages! - Written by [Orange](http://blog.orange.tw/).
- SSRF Tips - Written by [xl7dev](http://blog.safebuff.com/).
Browser Exploitation
Frontend (like CSP bypass, URL spoofing, and something like that)
- Approaches to browser vulnerability hunting - Written by [Twosecurity](https://twosecurity.io/).
- Browser UI Security technical white paper - Written by [腾讯玄武实验室](http://xlab.tencent.com/).
- SOP bypass / UXSS - Stealing Credentials Pretty Fast (Edge) - Written by [Manuel](https://twitter.com/magicmac2000).
- Browser vulnerabilities and their impact - Written by [Muneaki Nishimura](https://speakerdeck.com/nishimunea) and [Masato Kinugawa](https://twitter.com/kinugawamasato).
Backend (core of Browser implementation, and often refers to C or C++ part)
- Exploiting a V8 OOB write. - Written by [@halbecaf](https://twitter.com/halbecaf).
- First Step to Browser Exploitation - Written by [Brian Pak](http://mashirogod.dothome.co.kr/).
- Attacking JavaScript Engines - A case study of JavaScriptCore and CVE-2016-4622 - Written by [[email protected]]([email protected]).
- Three roads lead to Rome - Written by [Luke Viruswalker](http://blogs.360.cn/360safe/author/xsecure/).
- FROM CRASH TO EXPLOIT: CVE-2015-6086 – OUT OF BOUND READ/ASLR BYPASS - Written by [payatu](http://payatu.com/).
Tools
Reconnaissance
- FOFA - Cyberspace asset search engine by [白帽汇](http://baimaohui.net/).
- 傻蛋 Internet-connected device search - Monitors security threats to Internet infrastructure by [@傻蛋搜索](http://weibo.com/shadansou).
- ZoomEye - ZoomEye is a search engine for cyberspace by [@zoomeye_team](https://twitter.com/zoomeye_team).
- Shodan - Shodan is the world's first search engine for Internet-connected devices by [@shodanhq](https://twitter.com/shodanhq).
- urlscan.io - Service which analyses websites and the resources they request by [@heipei](https://twitter.com/heipei).
- NSFOCUS - Threat Intelligence Portal by NSFOCUS Global.
- Certificate Search - Enter an Identity (Domain Name, Organization Name, etc.), a Certificate Fingerprint (SHA-1 or SHA-256) or a crt.sh ID to search certificate(s) by [@crtsh](https://github.com/crtsh).
- Censys - Censys is a search engine that allows computer scientists to ask questions about the devices and networks that compose the Internet by [University of Michigan](https://umich.edu/).
Webshell
- A curated collection of Linux backdoors (SecPulse recommended) - Written by [armyzer0](https://www.secpulse.com/archives/author/armyzer0).
Others
- Dnslogger - DNS Logger by [@iagox86](https://github.com/iagox86).
Blogs
Others
- Wfox - Tech geek with enthusiasm for all sorts of things.
- LoRexxar - Growing with a reverence for technology, never content to stay in one corner...
- leavesongs - China's talented web penetrator.
- Broken Browser - Fun with Browser Vulnerabilities.
- Blog of Osanda - Security Researching and Reverse Engineering.
- BRETT BUERHAUS - Vulnerability disclosures and rambles on application security.
- n0tr00t - ~# n0tr00t Security Team.
- OpnSec - Open Mind Security!
Miscellaneous
ModSecurity / OWASP ModSecurity Core Rule Set
- Dark web series: Automating the collection of information on dark web sites with Dark Web Report + EyeWitness + TorGhost + Docker - Written by [鹰小编](http://www.mottoin.com/user/ying/).
- Google VRP and Unicorns - Written by [Daniel Stelter-Gliese](https://www.linkedin.com/in/daniel-stelter-gliese-170a70a2/).
- How to correctly obtain a user's IP? - Written by [Allen Own](http://devco.re/blog/author/allenown).
- GITLEAKS - Search engine for exposed secrets on lots of places.
- Hunting for Web Shells - Written by [Jacob Baines](https://www.tenable.com/profile/jacob-baines).
- The Definitive Security Data Science and Machine Learning Guide - Written by Jason Trost.
- Browser Extension and Login-Leak Experiment.
- A glimpse into GitHub's Bug Bounty workflow - Written by [@gregose](https://github.com/gregose).
Social Engineering Database
Others
- haveibeenpwned - Check if you have an account that has been compromised in a data breach by [Troy Hunt](https://www.troyhunt.com/).
- mysql-password - Database of MySQL hashes.
- 70 SECURITY TEAM Social Engineering Data - 70 Security Team social engineering database by [70 Security Team](http://70sec.com/).
Twitter Users
Others
- @HackwithGitHub - Initiative to showcase open source hacking tools for hackers and pentesters.
- @filedescriptor - Active penetrator who often tweets and writes useful articles.
- @cure53berlin - [Cure53](https://cure53.de/) is a German cybersecurity firm.
- @XssPayloads - The wonderland of JavaScript unexpected usages, and more.
- @kinugawamasato - Japanese web penetrator.
- @h3xstream - Security Researcher, interested in web security, crypto, pentest, static analysis but most of all, samy is my hero.
- @garethheyes - English web penetrator.
- @hasegawayosuke - Japanese JavaScript security researcher.
Practices
AWS
- FLAWS - Amazon AWS CTF challenge - Written by [@0xdabbad00](https://twitter.com/0xdabbad00).
XSS
- alert(1) to win - Series of XSS challenges - Written by [@steike](https://twitter.com/steike).
ModSecurity / OWASP ModSecurity Core Rule Set
- ModSecurity / OWASP ModSecurity Core Rule Set - Series of tutorials to install, configure and tune ModSecurity and the Core Rule Set - Written by [@ChrFolini](https://twitter.com/ChrFolini).