Web vulnerabilities
LFI/RFI
- https://www.idontplaydarts.com/2011/02/using-php-filter-for-local-file-inclusion/
- https://www.idontplaydarts.com/2011/03/php-remote-file-inclusion-command-shell-using-data-stream/
- Liffy: Local File Inclusion Exploitation Tool
- Upgrade from LFI to RCE via PHP Sessions
- Exploiting PHP File Inclusion – Overview
- Exploiting Remote File Inclusion (RFI) in PHP application and bypassing remote URL inclusion restriction
- Bitbucket 6.1.1 Path Traversal to RCE
HTTP parameters pollution
HPP attacks can be defined as the feasibility to override or add HTTP GET/POST parameters by injecting query string delimiters. HtmlEntities are out of context here.
Session Fixation
- http://shiflett.org/articles/session-fixation
SSRF
- Understanding Server-Side Request Forgery
- Server Side Request Forgery (SSRF)
- Guide
- A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
- How I Chained 4 vulnerabilities on GitHub Enterprise, From SSRF Execution Chain to RCE!
- Vimeo upload function SSRF
- Hidden OAuth attack vectors
CSRF
SQLI
- Understanding the full potential of sqlmap during bug bounty hunting
- http://atta.cked.me/home/sqlite3injectioncheatsheet
- http://gwae.trollab.org/sqlite-injection.html
- https://www.trustwave.com/Resources/SpiderLabs-Blog/Sqlmap-Tricks-for-Advanced-SQL-Injection/
- https://websec.wordpress.com/2010/03/19/exploiting-hard-filtered-sql-injections/
- http://www.slideshare.net/stamparm/ph-days-2013miroslavstamparsqlmapunderthehood
- Bypassing addslashes() (post)
- http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/
- Rails SQLI
- Exploiting difficult SQL injection vulnerabilities using sqlmap: Part 1
- SQL Injection Wiki
Cloud
- madhuakula/kubernetes-goat: designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.