Web attacks

Methodology & AcademyOWASP Top 10Avoid Aggressive ScanningWeb EnumerationFuzzingBypass 403 / 401Bypass 302Registration FormEmail Verification BypassEmail injectionsPhone Number InjectionLogin Forms AttacksBypass CaptchaSSO2FA / OTPPassword ResetSQL InjectionNoSQL injectionLDAP InjectionHTML InjectionXSSSSI / ESI InjectionCSP BypassFile Inclusion LFI / RFIFile Upload AttacksCommand InjectionMarkdown injectionXPath InjectionHTTP Verb TamperingHTTP Header ExploitationHTTP Request SmugglingPrice / Checkout Manipulation MethodsTesting Credit CardsCookies MisconfigurationBasic HTTP AuthentificationJWT TokenIDORXXE / XSLTSSTICSTISSRFCSRFCORSOpen RedirectionCSPTRelative Path Overwrite, RPOCRLF InjectionJSON AttackPrototype PollutionWeb Mass AssignmentWeb CacheClickjackingTabnabbingRace ConditonsCSV InjectionCSS ExfiltrationWAF BypassCMSDjangoFlask / WerkzeugTomcat (8080)Tomcat CGIJettyNginxIISExchange / OWAGitLabJenkinsSplunkElasticsearchPRTG Network MonitorosTicketColdFusionNagiosWebminSlackMoodleJiraMagentoPrestashopDockerKeyCloakJupyter Notebook
PreviousEncryptionNextMethodology & Academy