Introduction
Cross Site Scripting (XSS)
- Python - XSS
- NodeJS - XSS
- Java - XSS
Cross Site Scripting - Attribute (XSS-Attribute)
- Python - XSS-Attribute
- NodeJS - XSS-Attribute
Cross Site Scripting - href (XSS-href)
- Python - XSS-href
- NodeJS - XSS-href
- Java - XSS-href
Cross Site Scripting - DOM (XSS-DOM)
- Python - XSS-DOM
- NodeJS - XSS-DOM
- Java - XSS-DOM
Cross Site Scripting - DOM-2 (XSS-DOM-2)
- Python - XSS-DOM-2
- NodeJS - XSS-DOM-2
- Java - XSS-DOM-2
CSRF
- Python - CSRF
- NodeJS - CSRF
- Java - CSRF
CSRF - Samesite
- Python - CSRF-SameSite
- NodeJS - CSRF-SameSite
- Java - CSRF-SameSite
CSRF - Weak
- Python - CSRF-Weak
- NodeJS - CSRF-Weak
- Java - CSRF-Weak
XML External Entity (XXE)
- Python - XXE
- NodeJS - XXE
- Java - XXE
File upload
- Python - File-Upload
- NodeJS - File-Upload
- Java - File-Upload
Clickjacking
- Python - Clickjacking
- NodeJS - Clickjacking
- Java - Clickjacking
Ratelimiting (Brute-force login)
- Python - Ratelimiting
- NodeJS - Ratelimiting
- Java - Ratelimiting
HttpOnly Session Hijacking XSS
- Python - HttpOnly Session Hijacking XSS
- NodeJS - HttpOnly Session Hijacking XSS
- Java - HttpOnly Session Hijacking XSS
Host Header Injection (Authentication Bypass)
- Python - HttpOnly Session Hijacking XSS
Exposed docker daemon
- Python - Exposed docker daemon
SQLI (Union)
- Python - SQLI (Union)
- NodeJS - SQLI (Union)
- Java - SQLI (Union)
SQLI Login Bypass
- Python - Login Bypass
SQLI (Like)
- Python - SQLI (Like)
- NodeJS - SQLI (Like)
- Java - SQLI (Like)
SQLI (Blind)
- Python - SQLI (Blind)
- NodeJS - SQLI (Blind)
- Java - SQLI (Blind)
URL Redirection
- Python - URL Redirection
- NodeJS - URL Redirection
- Java - URL Redirection
URL Redirection - Harder
- Python - URL Redirection - Harder
- NodeJS - URL Redirection - Harder
- Java - URL Redirection - Harder
URL Redirection - Harder-2
- Python - URL Redirection - Harder-2
- NodeJS - URL Redirection - Harder-2
- Java - URL Redirection - Harder-2
Formula Injection
- Python - Formula Injection
- NodeJS - Formula Injection
- Java - Formula Injection
Client Side Template Injection (CSTI)
- Python - Client Side Template Injection (CSTI)
- NodeJS - Client Side Template Injection (CSTI)
CORS exploitation
- Python - CORS exploitation
Parameter Binding
- Ruby - Parameter Binding
- NodeJS - Parameter Binding
- Java - Parameter Binding
Local File Inclusion 1 (LFI-1)
- Python - Local File Inclusion 1 (LFI-1)
- NodeJS - Local File Inclusion 1 (LFI-1)
- Java - Local File Inclusion 1 (LFI-1)
Local File Inclusion 2 (LFI-2)
- Python - Local File Inclusion 2 (LFI-2)
- NodeJS - Local File Inclusion 2 (LFI-2)
- Java - Local File Inclusion 2 (LFI-2)
Local File Inclusion 3 (LFI-3)
- Python - Local File Inclusion 3 (LFI-3)
- NodeJS - Local File Inclusion 3 (LFI-3)
- Java - Local File Inclusion 3 (LFI-3)
Remote File Inclusion (RFI)
- Python - Remote File Inclusion (RFI)
- NodeJS - Remote File Inclusion (RFI)
- Java - Remote File Inclusion (RFI)
Content-Security-Policy (CSP)
- Python - Content-Security-Policy (CSP)
- NodeJS - Content-Security-Policy (CSP)
- Java - Content-Security-Policy (CSP)
Session Puzzling
- Python - Session Puzzling
- NodeJS - Session Puzzling
- Java - Session Puzzling
Command Injection (CMD)
- Python - Command Injection (CMD)
- NodeJS - Command Injection (CMD)
- Java - Command Injection (CMD)
Command Injection 2 (CMD-2)
- Python - Command Injection 2 (CMD-2)
- NodeJS - Command Injection 2 (CMD-2)
- Java - Command Injection 2 (CMD-2)
Command Injection 3 (CMD-3)
- Python - Command Injection 3 (CMD-3)
- Java - Command Injection 3 (CMD-3)
Command Injection 4 (CMD-4)
- Python - Command Injection 4 (CMD-4)
- NodeJS - Command Injection 4 (CMD-4)
- Java - Command Injection 4 (CMD-4)
Command Injection Blind (CMD-Blind)
- Python - Command Injection Blind (CMD-Blind)
- NodeJS - Command Injection Blind (CMD-Blind)
- Java - Command Injection Blind (CMD-Blind)
Server Side Request Forgery (SSRF)
- Python - Server Side Request Forgery (SSRF)
- NodeJS - Server Side Request Forgery (SSRF)
- Java - Server Side Request Forgery (SSRF)
Server Side Template Injection (SSTI)
- Python - Server Side Template Injection (SSTI)
Insecure Direct Object References (IDOR)
- Python - Insecure Direct Object References (IDOR)
- NodeJS - Insecure Direct Object References (IDOR)
- Java - Insecure Direct Object References (IDOR)
Deserialisation Yaml (DES-Yaml)
- Python - Deserialisation Yaml (DES-Yaml)
Deserialisation Pickle (DES-Pickle)
- Python - Deserialisation Pickle (DES-Pickle)
Deserialisation Pickle 2 (DES-Pickle-2)
- Python - Deserialisation Pickle 2 (DES-Pickle-2)
GraphQL DOS
- Python - GraphQL DOS
GraphQL IDOR
- Python - GraphQL IDOR
- NodeJS - GraphQL IDOR
- Java - GraphQL IDOR
GraphQL Injections
- Python - GraphQL Injections
- NodeJS - GraphQL Injections
- Java - GraphQL Injections
GraphQL Introspection
- Python - GraphQL Introspection
- NodeJS - GraphQL Introspection
- Java - GraphQL Introspection
GraphQL Mutations
- Python - GraphQL Mutations
- NodeJS - GraphQL Mutations
- Java - GraphQL Mutations
JWT Null
- Python - JWT Null
- NodeJS - JWT Null
- Java - JWT Null
JWT Secret
- Python - JWT Secret
- NodeJS - JWT Secret
- Java - JWT Secret
Race Condition
- Python - Race Condition
- NodeJS - Race Condition
- Java - Race Condition
Race Condition File-Write
- Python - Race Condition File-Write
- NodeJS - Race Condition File-Write
- Java - Race Condition File-Write
DoS Regex
- Python - DoS Regex
- NodeJS - DoS Regex
- Java - DoS Regex
Information Leakeage in Comments
- Python - Information Leakeage in Comments
- NodeJS - Information Leakeage in Comments
- Java - Information Leakeage in Comments
Information Leakeage in Metadata
- Python - Information Leakeage in Metadata
- NodeJS - Information Leakeage in Metadata
- Java - Information Leakeage in Metadata
Auth Bypass
- Python - Auth Bypass
- NodeJS - Auth Bypass
Auth Bypass - 1
- Python - Auth Bypass - 1
- NodeJS - Auth Bypass - 1
- Java - Auth Bypass - 1
Auth Bypass - 2
- Python - Auth Bypass - 2
- NodeJS - Auth Bypass - 2
- Java - Auth Bypass - 2
Auth-bypass - 3
- Python - Auth-bypass - 3
- NodeJS - Auth-bypass - 3
- Java - Auth-bypass - 3
Auth-bypass - Simple
- Python - Auth-bypass - Simple
- NodeJS - Auth-bypass - Simple
- Java - Auth-bypass - Simple
Untrusted Sources (XSSI)
- Python - Untrusted Sources (XSSI)
- NodeJS - Untrusted Sources (XSSI)
- Java - Untrusted Sources (XSSI)
TLS Downgrade
- Python - TLS Downgrade
WebSocket Message Manipulation
- Python - WebSocket Message Manipulation
Session Management 1
- Python - Session Management 1
Client Side Restriction Bypass
- Python - Client Side Restriction Bypass
- NodeJS - Client Side Restriction Bypass
- Java - Client Side Restriction Bypass
Client Side Restriction Bypass - Harder
- Python - Client Side Restriction Bypass - Harder
- NodeJS - Client Side Restriction Bypass - Harder
- Java - Client Side Restriction Bypass - Harder
Credentials Guessing
- Python - Credentials Guessing
- NodeJS - Credentials Guessing
- Java - Credentials Guessing
Credentials Guessing - 2
- Python - Credentials Guessing - 2
- NodeJS - Credentials Guessing - 2
- Java - Credentials Guessing - 2
CSS Injection (CSSI)
- Python - CSS Injection (CSSI)
- NodeJS - CSS Injection (CSSI)
- Java - CSS Injection (CSSI)
Prototype Pollution
- NodeJS - Prototype Pollution
Right To Left Override (RTLO)
- Python - Right To Left Override (RTLO)
- NodeJS - Right To Left Override (RTLO)
- Java - Right To Left Override (RTLO)
Ldap Injection
- Python - Ldap Injection
- NodeJS - Ldap Injection
- Java - Ldap Injection
Ldap Injection - harder
- Python - Ldap Injection - harder
- NodeJS - Ldap Injection - harder
- Java - Ldap Injection - harder
template item

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SUMMARY.md

SUMMARY.md

Table of contents

Files

SUMMARY.md

Latest commit

History

SUMMARY.md

File metadata and controls

Table of contents