Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
qazbnm456-awesome-web-security
https://github.com/qazbnm456/awesome-web-security
https://github.com/mishmashclone/qazbnm456-awesome-web-security
-
Tricks
-
CSRF
- Exploiting CSRF on JSON endpoints with Flash and redirects - Written by [@riyazwalikar](https://blog.appsecco.com/@riyazwalikar).
- Cracking Java’s RNG for CSRF - Javax Faces and Why CSRF Token Randomness Matters - Written by [@rramgattie](https://blog.securityevaluators.com/@rramgattie).
- Neat tricks to bypass CSRF-protection - Written by [Twosecurity](https://twosecurity.io/).
- If HttpOnly You Could Still CSRF… Of CORS you can! - Written by [@GraphX](https://twitter.com/GraphX).
-
SSRF
- Piercing the Veil: Server Side Request Forgery to NIPRNet access - Written by [Alyssa Herrera](https://medium.com/@alyssa.o.herrera).
- SSRF in https://imgur.com/vidgif/url - Written by [aesteral](https://hackerone.com/aesteral).
- PHP SSRF Techniques - Written by [@themiddleblue](https://medium.com/@themiddleblue).
- All you need to know about SSRF and how may we write tools to do auto-detect - Written by [@Auxy233](https://twitter.com/Auxy233).
- A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages! - Written by [Orange](http://blog.orange.tw/).
- SSRF Tips - Written by [xl7dev](http://blog.safebuff.com/).
- Into the Borg – SSRF inside Google production network - Written by [opnsec](https://opnsec.com/).
- SSRF to ROOT Access - A $25k bounty for SSRF leading to ROOT Access in all instances by [0xacb](https://hackerone.com/0xacb).
-
Clickjacking
- Clickjackings in Google worth 14981.7$ - Written by [@raushanraj_65039](https://medium.com/@raushanraj_65039).
-
Remote Code Execution
- CVE-2019-1306: ARE YOU MY INDEX? - Written by [@yu5k3](https://twitter.com/yu5k3).
- WebLogic RCE (CVE-2019-2725) Debug Diary - Written by Badcode@Knownsec 404 Team.
- Exploiting Node.js deserialization bug for Remote Code Execution - Written by [OpSecX](https://opsecx.com/index.php/author/ajinabraham/).
- DRUPAL 7.X SERVICES MODULE UNSERIALIZE() TO RCE - Written by [Ambionics Security](https://www.ambionics.io/).
- How we exploited a remote code execution vulnerability in math.js - Written by [@capacitorset](https://github.com/capacitorset).
- GitHub Enterprise Remote Code Execution - Written by [@iblue](https://github.com/iblue).
- $36k Google App Engine RCE - Written by [Ezequiel Pereira](https://sites.google.com/site/testsitehacking/).
- Poor RichFaces - Written by [CODE WHITE](https://www.code-white.com/).
- Remote Code Execution on a Facebook server - Written by [@blaklis_](https://twitter.com/blaklis_).
- What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability. - Written by [@breenmachine](https://twitter.com/@breenmachine).
-
XSS
- Exploiting XSS with 20 characters limitation - Written by [Jorge Lajara](https://jlajara.gitlab.io/).
- Upgrade self XSS to Exploitable XSS an 3 Ways Technic - Written by [HAHWUL](https://www.hahwul.com/).
- Query parameter reordering causes redirect page to render unsafe URL - Written by [kenziy](https://hackerone.com/kenziy).
- How I found a $5,000 Google Maps XSS (by fiddling with Protobuf) - Written by [@marin_m](https://medium.com/@marin_m).
- DON'T TRUST THE DOM: BYPASSING XSS MITIGATIONS VIA SCRIPT GADGETS - Written by [Sebastian Lekies](https://twitter.com/slekies), [Krzysztof Kotowicz](https://twitter.com/kkotowicz), and [Eduardo Vela](https://twitter.com/sirdarckcat).
- Uber XSS via Cookie - Written by [zhchbin](http://zhchbin.github.io/).
- Writing JavaScript with 5 Characters (5文字で書くJavaScript) - Shibuya.XSS techtalk #10 by [Masato Kinugawa](https://twitter.com/kinugawamasato).
- Stored XSS on Facebook - Written by [Enguerran Gillier](https://opnsec.com/).
- XSS in Google Colaboratory + CSP bypass - Written by [Michał Bentkowski](https://blog.bentkowski.info/).
- Another XSS in Google Colaboratory - Written by [Michał Bentkowski](https://blog.bentkowski.info/).
- </script> is filtered ? - Written by [@strukt93](https://twitter.com/strukt93).
- $20000 Facebook DOM XSS - Written by [@vinodsparrow](https://twitter.com/vinodsparrow).
-
SQL Injection
- MySQL Error Based SQL Injection Using EXP - Written by [@osandamalith](https://twitter.com/osandamalith).
- SQL injection in an UPDATE query - a bug bounty story! - Written by [Zombiehelp54](http://zombiehelp54.blogspot.jp/).
- Making a Blind SQL Injection a little less blind - Written by [TomNomNom](https://twitter.com/TomNomNom).
- SQL INJECTION AND POSTGRES - AN ADVENTURE TO EVENTUAL RCE - Written by [@denandz](https://github.com/denandz).
-
NoSQL Injection
- GraphQL NoSQL Injection Through JSON Types - Written by [Pete](http://www.petecorey.com/work/).
-
XXE
- Evil XML with two encodings - Written by [Arseniy Sharoglazov](https://mohemiv.com/).
- XXE OOB extracting via HTTP+FTP using single opened port - Written by [skavans](https://skavans.ru/).
- What You Didn't Know About XML External Entities Attacks - Written by [Timothy D. Morgan](https://twitter.com/ecbftw).
- Pre-authentication XXE vulnerability in the Services Drupal module - Written by [Renaud Dubourguais](https://twitter.com/_m0bius).
- Exploiting XXE with local DTD files - Written by [Arseniy Sharoglazov](https://twitter.com/_mohemiv).
- Automating local DTD discovery for XXE exploitation - Written by [Philippe Arteau](https://twitter.com/h3xstream).
- XML Out-Of-Band Data Retrieval - Written by Timur Yunusov and Alexey Osipov.
-
URL
- Some Problems Of URLs - Written by [Chris Palmer](https://noncombatant.org/about/).
- Phishing with Unicode Domains - Written by [Xudong Zheng](https://www.xudongz.com/).
- Unicode Domains are bad and you should feel bad for supporting them - Written by [VRGSEC](https://www.vgrsec.com/).
-
Deserialization
- ASP.NET resource files (.RESX) and deserialisation issues - Written by [@irsdl](https://twitter.com/irsdl).
-
OAuth
- Facebook OAuth Framework Vulnerability - Written by [@AmolBaikar](https://twitter.com/AmolBaikar).
-
Others
- Some Tricks From My Secret Group - Written by [phithon](https://www.leavesongs.com/).
- Inducing DNS Leaks in Onion Web Services - Written by [@epidemics-scepticism](https://github.com/epidemics-scepticism).
- Stored XSS, and SSRF in Google using the Dataset Publishing Language - Written by [@signalchaos](https://twitter.com/signalchaos).
-
Header Injection
- Java/Python FTP Injections Allow for Firewall Bypass - Written by [Timothy Morgan](https://plus.google.com/105917618099766831589).
-
-
Browser Exploitation
-
Backend (core of Browser implementation, and often refers to C or C++ part)
- Exploiting a V8 OOB write. - Written by [@halbecaf](https://twitter.com/halbecaf).
- Attacking JavaScript Engines - A case study of JavaScriptCore and CVE-2016-4622 - Written by [[email protected]]([email protected]).
- Three roads lead to Rome - Written by [@holynop](https://twitter.com/holynop).
- Look Mom, I don't use Shellcode - Browser Exploitation Case Study for Internet Explorer 11 - Written by [@moritzj](http://twitter.com/moritzj).
- PUSHING WEBKIT'S BUTTONS WITH A MOBILE PWN2OWN EXPLOIT - Written by [@wanderingglitch](https://twitter.com/wanderingglitch).
- CVE-2017-2446 or JSC::JSGlobalObject::isHavingABadTime. - Written by [Diary of a reverse-engineer](https://doar-e.github.io/).
- CLEANLY ESCAPING THE CHROME SANDBOX - Written by [@tjbecker_](https://twitter.com/tjbecker_).
- How I got my first big bounty payout with Tesla - Written by [@cj.fairhead](https://medium.com/@cj.fairhead).
- A Methodical Approach to Browser Exploitation - Written by [@PatrickBiernat](https://twitter.com/PatrickBiernat), [@gaasedelen](https://twitter.com/gaasedelen) and [@itszn13](https://twitter.com/itszn13).
-
Frontend (like SOP bypass, URL spoofing, and something like that)
- The world of Site Isolation and compromised renderer - Written by [@shhnjk](https://twitter.com/shhnjk).
- The Cookie Monster in Your Browsers - Written by [@filedescriptor](https://twitter.com/filedescriptor).
- Bypassing Mobile Browser Security For Fun And Profit - Written by [@rafaybaloch](https://twitter.com/@rafaybaloch).
- The inception bar: a new phishing method - Written by [jameshfisher](https://jameshfisher.com/).
- Sending arbitrary IPC messages via overriding Function.prototype.apply - Written by [@kinugawamasato](https://twitter.com/kinugawamasato).
- Take Advantage of Out-of-Scope Domains in Bug Bounty Programs - Written by [@Abdulahhusam](https://twitter.com/Abdulahhusam).
- SOP bypass / UXSS – Stealing Credentials Pretty Fast (Edge) - Written by [Manuel](https://twitter.com/magicmac2000).
- Browser Vulnerabilities and Their Impact (ブラウザの脆弱性とそのインパクト) - Written by [Muneaki Nishimura](https://speakerdeck.com/nishimunea) and [Masato Kinugawa](https://twitter.com/kinugawamasato).
- Safari Peculiarities in Client-Side Attacks (Особенности Safari в client-side атаках) - Written by [Bo0oM](https://bo0om.ru/author/admin).
- Setting arbitrary request headers in Chromium via CRLF injection - Written by [Michał Bentkowski](https://blog.bentkowski.info/).
-
-
Digests
- PayloadsAllTheThings - Written by [@swisskyrepo](https://github.com/swisskyrepo).
- Hacker101 - Written by [hackerone](https://www.hackerone.com/start-hacking).
- The Daily Swig - Web security digest - Written by [PortSwigger](https://portswigger.net/).
- Infosec Newbie - Written by [Mark Robinson](https://www.sneakymonkey.net/).
- The Magic of Learning - Written by [@bitvijays](https://bitvijays.github.io/aboutme.html).
- tl;dr sec - Weekly summary of top security tools, blog posts, and security research.
- CTF Field Guide - Written by [Trail of Bits](https://www.trailofbits.com/).
-
Tools
-
Reconnaissance
- EyeWitness - EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible by [@ChrisTruncer](https://github.com/ChrisTruncer).
- Shodan - Shodan is the world's first search engine for Internet-connected devices by [@shodanhq](https://twitter.com/shodanhq).
- urlscan.io - Service which analyses websites and the resources they request by [@heipei](https://twitter.com/heipei).
- ZoomEye - Cyberspace Search Engine by [@zoomeye_team](https://twitter.com/zoomeye_team).
- FOFA - Cyberspace Search Engine by [BAIMAOHUI](http://baimaohui.net/).
- NSFOCUS - THREAT INTELLIGENCE PORTAL by NSFOCUS GLOBAL.
- Databases - start.me - Various databases which you can use for your OSINT research by [@technisette](https://twitter.com/technisette).
- peoplefindThor - the easy way to find people on Facebook by [postkassen](mailto:[email protected]?subject=peoplefindthor.dk comments).
- Certificate Search - Enter an Identity (Domain Name, Organization Name, etc), a Certificate Fingerprint (SHA-1 or SHA-256) or a crt.sh ID to search certificate(s) by [@crtsh](https://github.com/crtsh).
-
Scanning
- WAScan - Is an open source web application security scanner that uses "black-box" method, created by [@m4ll0k](https://github.com/m4ll0k).
-
Penetration Testing
- grayhatwarfare - Public buckets by [grayhatwarfare](http://www.grayhatwarfare.com/).
-
Offensive
- csp evaluator - A tool for evaluating content-security-policies by [Csper](http://csper.io).
- Open redirect/SSRF payload generator - Open redirect/SSRF payload generator by [intigriti](https://www.intigriti.com/).
-
Detecting
- sqlchop - SQL injection detection engine by [chaitin](http://chaitin.com).
- xsschop - XSS detection engine by [chaitin](http://chaitin.com).
- GuardRails - A GitHub App that provides security feedback in Pull Requests.
-
Proxy
- Charles - HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP and SSL / HTTPS traffic between their machine and the Internet.
-
Decompiler
- CFR - Another java decompiler by [@LeeAtBenf](https://twitter.com/LeeAtBenf).
-
Others
- Dnslogger - DNS Logger by [@iagox86](https://github.com/iagox86).
-
-
Forums
- Phrack Magazine - Ezine written by and for hackers.
- The Hacker News - Security in a serious way.
- HackDig - Dig high-quality web security articles for hacker.
-
Introduction
-
XSS - Cross-Site Scripting
- C.XSS Guide - Written by [@JakobKallin](https://github.com/JakobKallin) and [Irene Lobo Valbuena](https://www.linkedin.com/in/irenelobovalbuena/).
- A talk about XSS thousand knocks - Written by [Yu Yagihashi](https://speakerdeck.com/yagihashoo).
- PayloadsAllTheThings - XSS Injection - Written by [@swisskyrepo](https://github.com/swisskyrepo).
- H5SC - Written by [@cure53](https://github.com/cure53).
- AwesomeXSS - Written by [@s0md3v](https://github.com/s0md3v).
- XSS.png - Written by @jackmasa.
- How Cross-Site Scripting Works and 7 Countermeasures to Avoid Attacks (クロスサイトスクリプティングの仕組みと攻撃を回避する7つの対策) - Written by [McAfee Blog](https://blogs.mcafee.jp/).
-
Prototype Pollution
- Prototype pollution attack in NodeJS application - Written by [@HoLyVieR](https://github.com/HoLyVieR).
- Real-world JS - 1 - Written by [@po6ix](https://twitter.com/po6ix).
- Exploiting prototype pollution – RCE in Kibana (CVE-2019-7609) - Written by [@securitymb](https://twitter.com/securitymb).
-
CSV Injection
- CSV Injection -> Meterpreter on Pornhub - Written by [Andy](https://blog.zsec.uk/).
- The Absurdly Underestimated Dangers of CSV Injection - Written by [George Mauer](http://georgemauer.net/).
- PayloadsAllTheThings - CSV Injection - Written by [@swisskyrepo](https://github.com/swisskyrepo).
-
SQL Injection
- SQL Injection Wiki - Written by [NETSPI](https://www.netspi.com/).
- SQL Injection Pocket Reference - Written by [@LightOS](https://twitter.com/LightOS).
- PayloadsAllTheThings - SQL Injection - Written by [@swisskyrepo](https://github.com/swisskyrepo).
-
Command Injection
- Potential command injection in resolv.rb - Written by [@drigg3r](https://github.com/drigg3r).
- PayloadsAllTheThings - Command Injection - Written by [@swisskyrepo](https://github.com/swisskyrepo).
-
ORM Injection
- HQL for pentesters - Written by [@h3xstream](https://twitter.com/h3xstream/).
- HQL : Hyperinsane Query Language (or how to access the whole SQL API within a HQL injection ?) - Written by [@_m0bius](https://twitter.com/_m0bius).
- ORM2Pwn: Exploiting injections in Hibernate ORM - Written by [Mikhail Egorov](https://0ang3el.blogspot.tw/).
- ORM Injection - Written by [Simone Onofri](https://onofri.org/).
-
XXE - XML eXternal Entity
- XXE - Written by [@phonexicum](https://twitter.com/phonexicum).
- XML external entity (XXE) injection - Written by [portswigger](https://portswigger.net/).
- XML Schema, DTD, and Entity Attacks - Written by [Timothy D. Morgan](https://twitter.com/ecbftw) and Omar Al Ibrahim.
- PayloadsAllTheThings - XXE Injection - Written by various contributors.
-
CSRF - Cross-Site Request Forgery
- Wiping Out CSRF - Written by [@jrozner](https://medium.com/@jrozner).
- PayloadsAllTheThings - CSRF Injection - Written by [@swisskyrepo](https://github.com/swisskyrepo).
-
Clickjacking
- Clickjacking - Written by [Imperva](https://www.imperva.com/).
-
SSRF - Server-Side Request Forgery
- SSRF bible. Cheatsheet - Written by [Wallarm](https://wallarm.com/).
- PayloadsAllTheThings - Server-Side Request Forgery - Written by [@swisskyrepo](https://github.com/swisskyrepo).
-
Web Cache Poisoning
- PayloadsAllTheThings - Web Cache Deception - Written by [@swisskyrepo](https://github.com/swisskyrepo).
-
Relative Path Overwrite
- Large-scale analysis of style injection by relative path overwrite - Written by [The Morning Paper](https://blog.acolyer.org/).
- MBSD Technical Whitepaper - A few RPO exploitation techniques - Written by [Mitsui Bussan Secure Directions, Inc.](https://www.mbsd.jp/).
-
Open Redirect
- Open Redirect Vulnerability - Written by [s0cket7](https://s0cket7.com/).
- PayloadsAllTheThings - Open Redirect - Written by [@swisskyrepo](https://github.com/swisskyrepo).
-
Security Assertion Markup Language (SAML)
- How to Hunt Bugs in SAML; a Methodology - Part I - Written by [epi](https://epi052.gitlab.io/notes-to-self/).
- How to Hunt Bugs in SAML; a Methodology - Part II - Written by [epi](https://epi052.gitlab.io/notes-to-self/).
- How to Hunt Bugs in SAML; a Methodology - Part III - Written by [epi](https://epi052.gitlab.io/notes-to-self/).
- PayloadsAllTheThings - SAML Injection - Written by [@swisskyrepo](https://github.com/swisskyrepo).
-
Upload
- File Upload Restrictions Bypass - Written by [Haboob Team](https://www.exploit-db.com/author/?a=9381).
- PayloadsAllTheThings - Upload Insecure Files - Written by [@swisskyrepo](https://github.com/swisskyrepo).
-
ReactJS
- XSS via a spoofed React element - Written by [Daniel LeCheminant](http://danlec.com/).
-
SSL/TLS
- SSL & TLS Penetration Testing - Written by [APTIVE](https://www.aptive.co.uk/).
-
AWS
- PENETRATION TESTING AWS STORAGE: KICKING THE S3 BUCKET - Written by Dwight Hohnstein from [Rhino Security Labs](https://rhinosecuritylabs.com/).
- AWS PENETRATION TESTING PART 1. S3 BUCKETS - Written by [VirtueSecurity](https://www.virtuesecurity.com/).
- AWS PENETRATION TESTING PART 2. S3, IAM, EC2 - Written by [VirtueSecurity](https://www.virtuesecurity.com/).
-
Azure
- Common Azure Security Vulnerabilities and Misconfigurations - Written by [@rhinobenjamin](https://twitter.com/rhinobenjamin).
- Cloud Security Risks (Part 1): Azure CSV Injection Vulnerability - Written by [@spengietz](https://twitter.com/spengietz).
-
Crypto
- Applied Crypto Hardening - Written by [The bettercrypto.org Team](https://bettercrypto.org/).
-
Web Shell
- Hunting for Web Shells - Written by [Jacob Baines](https://www.tenable.com/profile/jacob-baines).
-
OSINT
- OSINT x UCCU Workshop on Open Source Intelligence - Written by [Philippe Lin](https://www.slideshare.net/miaoski).
- 102 Deep Dive in the Dark Web OSINT Style Kirby Plessas - Presented by [@kirbstr](https://twitter.com/kirbstr).
- The most complete guide to finding anyone’s email - Written by [Timur Daudpota](https://www.blurbiz.io/).
-
DNS Rebinding
- Attacking Private Networks from the Internet with DNS Rebinding - Written by [@brannondorsey](https://medium.com/@brannondorsey).
- Hacking home routers from the Internet - Written by [@radekk](https://medium.com/@radekk).
-
Deserialization
- Attacking .NET deserialization - Written by [@pwntester](https://twitter.com/pwntester).
- .NET Roulette: Exploiting Insecure Deserialization in Telerik UI - Written by [@noperator](https://twitter.com/noperator).
- HOW TO EXPLOIT LIFERAY CVE-2020-7961 : QUICK JOURNEY TO POC - Written by [@synacktiv](https://twitter.com/synacktiv).
-
OAuth
- Introduction to OAuth 2.0 and OpenID Connect - Written by [@PhilippeDeRyck](https://twitter.com/PhilippeDeRyck).
- What is going on with OAuth 2.0? And why you should not use it for authentication. - Written by [@damianrusinek](https://medium.com/@damianrusinek).
-
Sub Domain Enumeration
- A penetration tester’s guide to sub-domain enumeration - Written by [Bharath](https://blog.appsecco.com/@yamakira_).
-
FTP Injection
- SMTP over XXE − how to send emails using Java's XML parser - Written by [Alexander Klink](https://shiftordie.de/).
-
-
Evasions
-
XXE
- Bypass Fix of OOB XXE Using Different encoding - Written by [@SpiderSec](https://twitter.com/SpiderSec).
-
CSP
- Any protection against dynamic module import? - Written by [@shhnjk](https://twitter.com/@shhnjk).
- GitHub's CSP journey - Written by [@ptoomey3](https://github.com/ptoomey3).
- GitHub's post-CSP journey - Written by [@ptoomey3](https://github.com/ptoomey3).
-
WAF
- Web Application Firewall (WAF) Evasion Techniques - Written by [@secjuice](https://twitter.com/secjuice).
- Web Application Firewall (WAF) Evasion Techniques #2 - Written by [@secjuice](https://twitter.com/secjuice).
- Airbnb – When Bypassing JSON Encoding, XSS Filter, WAF, CSP, and Auditor turns into Eight Vulnerabilities - Written by [@Brett Buerhaus](https://twitter.com/bbuerhaus).
-
Authentication
- Trend Micro Threat Discovery Appliance - Session Generation Authentication Bypass (CVE-2016-8584) - Written by [@malerisch](https://twitter.com/malerisch) and [@steventseeley](https://twitter.com/steventseeley).
-
-
PoCs
-
Database
- SPLOITUS - Exploits & Tools Search Engine by [@i_bo0om](https://twitter.com/i_bo0om).
- Exploit Database - ultimate archive of Exploits, Shellcode, and Security Papers by [Offensive Security](https://www.offensive-security.com/).
-
-
Cheatsheets
-
Database
- XSS Cheat Sheet - 2018 Edition - Written by [@brutelogic](https://twitter.com/brutelogic).
-
-
Social Engineering Database
-
Others
- haveibeenpwned - Check if you have an account that has been compromised in a data breach by [Troy Hunt](https://www.troyhunt.com/).
-
-
Blogs
-
Others
- leavesongs - China's talented web penetrator.
- Broken Browser - Fun with Browser Vulnerabilities.
- BRETT BUERHAUS - Vulnerability disclosures and rambles on application security.
- n0tr00t - ~# n0tr00t Security Team.
- OpnSec - Open Mind Security!
- Blog of Osanda - Security Researching and Reverse Engineering.
-
-
Twitter Users
-
Others
- @HackwithGitHub - Initiative to showcase open source hacking tools for hackers and pentesters
- @filedescriptor - Active penetrator often tweets and writes useful articles
- @cure53berlin - [Cure53](https://cure53.de/) is a German cybersecurity firm.
- @XssPayloads - The wonderland of JavaScript unexpected usages, and more.
- @kinugawamasato - Japanese web penetrator.
- @h3xstream - Security Researcher, interested in web security, crypto, pentest, static analysis but most of all, samy is my hero.
- @garethheyes - English web penetrator.
- @hasegawayosuke - Japanese javascript security researcher.
- @shhnjk - Web and Browsers Security Researcher.
-
-
Practices
-
Application
- SELinux Game - Learn SELinux by doing. Solve Puzzles, show skillz - Written by [@selinuxgame](https://twitter.com/selinuxgame).
- Portswigger Web Security Academy - Free trainings and labs - Written by [PortSwigger](https://portswigger.net/).
-
AWS
- FLAWS - Amazon AWS CTF challenge - Written by [@0xdabbad00](https://twitter.com/0xdabbad00).
-
XSS
- XSS game - Google XSS Challenge - Written by Google.
- alert(1) to win - Series of XSS challenges - Written by [@steike](https://twitter.com/steike).
- XSS Challenges - Series of XSS challenges - Written by yamagata21.
-
ModSecurity / OWASP ModSecurity Core Rule Set
- ModSecurity / OWASP ModSecurity Core Rule Set - Series of tutorials to install, configure and tune ModSecurity and the Core Rule Set - Written by [@ChrFolini](https://twitter.com/ChrFolini).
-
-
Community
-
ModSecurity / OWASP ModSecurity Core Rule Set
-
-
Miscellaneous
-
ModSecurity / OWASP ModSecurity Core Rule Set
- Google VRP and Unicorns - Written by [Daniel Stelter-Gliese](https://www.linkedin.com/in/daniel-stelter-gliese-170a70a2/).
- The Definitive Security Data Science and Machine Learning Guide - Written by JASON TROS.
- A glimpse into GitHub's Bug Bounty workflow - Written by [@gregose](https://github.com/gregose).
- Internet of Things Scanner - Check if your internet-connected devices at home are public on Shodan by [BullGuard](https://www.bullguard.com/).
- The Bug Hunters Methodology v2.1 - Written by [@jhaddix](https://twitter.com/jhaddix).
- $7.5k Google services mix-up - Written by [Ezequiel Pereira](https://sites.google.com/site/testsitehacking/).
- Be careful what you copy: Invisibly inserting usernames into text with Zero-Width Characters - Written by [@umpox](https://medium.com/@umpox).
- Domato Fuzzer's Generation Engine Internals - Written by [sigpwn](https://www.sigpwn.io/).
- CSS Is So Overpowered It Can Deanonymize Facebook Users - Written by [Ruslan Habalov](https://www.evonide.com/).
- Introduction to Web Application Security - Written by [@itsC0rg1](https://twitter.com/itsC0rg1), [@jmkeads](https://twitter.com/jmkeads) and [@matir](https://twitter.com/matir).
- Finding The Real Origin IPs Hiding Behind CloudFlare or TOR - Written by [Paul Dannewitz](https://www.secjuice.com/author/paul-dannewitz/).
- Why Facebook's api starts with a for loop - Written by [@AntoGarand](https://twitter.com/AntoGarand).
- How I could have stolen your photos from Google - my first 3 bug bounty writeups - Written by [@gergoturcsanyi](https://twitter.com/gergoturcsanyi).
- An example why NAT is NOT security - Written by [@0daywork](https://twitter.com/@0daywork).
- WEB APPLICATION PENETRATION TESTING NOTES - Written by [Jayson](https://techvomit.net/).
- Hacking with a Heads Up Display - Written by [David Scrobonia](https://segment.com/blog/authors/david-scrobonia/).
- Alexa Top 1 Million Security - Hacking the Big Ones - Written by [@slashcrypto](https://twitter.com/slashcrypto).
- WCTF2019: Gyotaku The Flag - Written by [@t0nk42](https://twitter.com/t0nk42).
- TL:DR: VPN leaks users’ IPs via WebRTC. I’ve tested seventy VPN providers and 16 of them leaks users’ IPs via WebRTC (23%) - Written by [voidsec](https://voidsec.com/).
- How we abused Slack's TURN servers to gain access to internal services - Written by [@sandrogauci](https://twitter.com/sandrogauci).
-