The Hacker Recipes

CtrlK

GitHub Twitter Exegol Tools

Introduction
Active Directory
Web services
Systems & services
Evasion
- (AV) Anti-Virus
- 🛠️(EDR) Endpoint Detection and Response
🛠️Physical
🛠️Intelligence gathering
🛠️RADIO
🛠️mobile apps
- Android
- iOS

Powered by GitBook

On this page

Was this helpful?

Web services

User inputs

File inclusion Unrestricted file upload SQL injection XSS (Cross-Site Scripting)CSRF (Cross-Site Request Forgery)SSRF (Server-Side Request Forgery)IDOR (Insecure Direct Object Reference)ORED Open redirect Content-Type juggling XXE injection Insecure JSON Web Tokens 🛠️HTTP parameter pollution 🛠️SSTI (Server-Side Template Injection)🛠️Insecure deserialization 🛠️CRLF injection 🛠️Arbitrary file download 🛠️Directory traversal 🛠️Null-byte injection

PreviousLogging in NextFile inclusion

Last updated 3 years ago

Was this helpful?