https://github.com/Jewel591/Vulnerability-Summary

常见漏洞描述、漏洞影响及修复建议，为规范的渗透测试报告提供参考 | Common vulnerability descriptions, vulnerability impacts and remediation recommendations for standardized penetration testing reports
https://github.com/Jewel591/Vulnerability-Summary

Last synced: 21 days ago
JSON representation

常见漏洞描述、漏洞影响及修复建议，为规范的渗透测试报告提供参考 | Common vulnerability descriptions, vulnerability impacts and remediation recommendations for standardized penetration testing reports

• Host: GitHub
• URL: https://github.com/Jewel591/Vulnerability-Summary
• Owner: Jewel591
• License: mit
• Created: 2020-10-22T03:19:50.000Z (about 4 years ago)
• Default Branch: main
• Last Pushed: 2021-01-15T08:57:23.000Z (almost 4 years ago)
• Last Synced: 2024-08-05T17:42:19.121Z (4 months ago)
• Homepage:
• Size: 74.2 KB
• Stars: 46
• Watchers: 3
• Forks: 8
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-hacking-lists - Jewel591/Vulnerability-Summary - 常见漏洞描述、漏洞影响及修复建议，为规范的渗透测试报告提供参考 | Common vulnerability descriptions, vulnerability impacts and remediation recommendations for standardized penetration testing reports (Others)

README

        
# Vulnerability-Summary

常见漏洞描述、漏洞影响及修复建议，为规范的渗透测试报告提供参考。

- [英文版 | English version](https://github.com/Jewel591/Vulnerability-Summary/blob/main/English/README.md)

## Table of Contents

- [跨站脚本攻击](https://github.com/Jewel591/Vulnerability-Summary/blob/main/Web-Vulnerability/Cross-Site-Scripting.md)

- [SQL注入](https://github.com/Jewel591/Vulnerability-Summary/blob/main/Web-Vulnerability/SQL-Injection.md)

- [违反访问控制（水平权限升级）](https://github.com/Jewel591/Vulnerability-Summary/blob/main/Web-Vulnerability/Broken-Access-Control-Horizontal-Privilege-Escalation.md)

- [违反访问控制（垂直权限升级）](https://github.com/Jewel591/Vulnerability-Summary/blob/main/Web-Vulnerability/Broken-Access-Control-Vertical-Privilege-Escalation.md)

- [会话Cookies未被标记为HTTPOnly](https://github.com/Jewel591/Vulnerability-Summary/blob/main/Web-Vulnerability/Session-Cookies-Not-Marked-As-HTTPOnly.md)

- [会话Cookies未被标记为Secure](https://github.com/Jewel591/Vulnerability-Summary/blob/main/Web-Vulnerability/Session-Cookies-Not-Marked-As-Secure.md)

- [任意文件上传](https://github.com/Jewel591/Vulnerability-Summary/blob/main/Web-Vulnerability/Unrestricted-File-Upload.md)

- [未经验证的重定向](https://github.com/Jewel591/Vulnerability-Summary/blob/main/Web-Vulnerability/URL-Redirection-Not-Validated.md)

- [潜在的点击劫持](https://github.com/Jewel591/Vulnerability-Summary/blob/main/Web-Vulnerability/Clickjacking.md)

- [内部 IP 地址泄露](https://github.com/Jewel591/Vulnerability-Summary/blob/main/Web-Vulnerability/Internal-IP-Revealed.md)

- [在Web服务器上发现不必要的文件](https://github.com/Jewel591/Vulnerability-Summary/blob/main/Web-Vulnerability/Unnecessary-Files-Found-on-Web-Server.md)

- [缺少防范暴力破解的措施](https://github.com/Jewel591/Vulnerability-Summary/blob/main/Web-Vulnerability/Lack-of-Brute-Force-Attacking-Prevention.md)

- [用户名枚举](https://github.com/Jewel591/Vulnerability-Summary/blob/main/Web-Vulnerability/Username-Enumeration.md)

- [邮箱轰炸攻击](https://github.com/Jewel591/Vulnerability-Summary/blob/main/Web-Vulnerability/Mailbox-bombing-attacks.md)

- [服务器支持低版本TLS协议](https://github.com/Jewel591/Vulnerability-Summary/blob/main/Web-Vulnerability/Weak-TLS-Version.md)

- [服务器支持SSL弱密码套件](https://github.com/Jewel591/Vulnerability-Summary/blob/main/Web-Vulnerability/SSL-Weak-Cipher-Suites-Supported.md)

## Referer

来自公网，回报公网，感谢所有人的贡献。

详情参见`./Reference`