Menu Close

Good link for web security

Published: September 08, 2019 by

Categories:
web 2

1. SSRF

madrobot ssrf part 1

madrobot ssrf part 2

neerajedwards reading local file

2. Local file read

3. JWT

nccgroup jwt attack

sjoerdlangkemper

3. PHP

Remote code execution via PHP [Unserialize]

php object injection cheatsheet

complex drupal pop chain

expressionengine code reuse attack

File Operation Induced Unserialization via the “phar://” Stream Wrapper

webshell-without-alphanum

4. Java

Serial Killer: Silently Pwning Your Java Endpoints

attacking-java-deserialization

ysoserial tools

5. XXE

from XXE to RCE in PHP

XXE local DTD files

6. XSS

Python template Injection

Summary of attacks against CTF Flask

Payload All The Things