Crypto
Scanning / Sub Domain Enumeration
Webshell / Server-Side Request Forgery
Prototype Pollution
Deserialization
]]>Prototype Pollution
Digests
JWT
]]>Deserialization
Backend (core of Browser implementation, and often refers to C or C++ part)
Miscellaneous / Server-Side Request Forgery
Deserialization
OAuth
XSS
Miscellaneous / Server-Side Request Forgery
]]>OAuth
CSRF
Frontend (like SOP bypass, URL spoofing, and something like that)
Backend (core of Browser implementation, and often refers to C or C++ part)
Miscellaneous / Server-Side Request Forgery
Digests
AWS
SQL Injection
Deserialization
Cheetsheets
Offensive / XSS - Cross-Site Scripting
Preventing / Server-Side Request Forgery
Miscellaneous / Server-Side Request Forgery
SSL/TLS
Miscellaneous / Server-Side Request Forgery
Prototype Pollution
XSS
Others
Frontend (like SOP bypass, URL spoofing, and something like that)
XSS - Cross-Site Scripting
SQL Injection
Command Injection
XXE - XML eXternal Entity
Open Redirect
Crypto
NoSQL Injection
SSRF
Others
Backend (core of Browser implementation, and often refers to C or C++ part)
Database
Miscellaneous / Server-Side Request Forgery
XSS - Cross-Site Scripting
CSV Injection
SQL Injection
Command Injection
XXE - XML eXternal Entity
CSRF - Cross-Site Request Forgery
SSRF - Server-Side Request Forgery
Web Cache Poisoning
Open Redirect
Security Assertion Markup Language (SAML)
Upload
XXE
Remote Code Execution
XSS
Offensive / XXE
Others / Server-Side Request Forgery
Rails
Application / Server-Side Request Forgery
DNS Rebinding
DNS Rebinding / Server-Side Request Forgery
Clickjacking
Miscellaneous / Server-Side Request Forgery
Azure
Auditing
Fuzzing / Sub Domain Enumeration
Leaking / Server-Side Request Forgery
Twitter Users / Server-Side Request Forgery
Miscellaneous / Server-Side Request Forgery
Offensive / Server-Side Request Forgery
Relative Path Overwrite
Security Assertion Markup Language (SAML)
CSRF
XSS
SQL Injection
Frontend (like SOP bypass, URL spoofing, and something like that)
]]>Remote Code Execution
CSP
XSS
Frontend (like SOP bypass, URL spoofing, and something like that)
Backend (core of Browser implementation, and often refers to C or C++ part)
Miscellaneous / Server-Side Request Forgery
Offensive / Cross Site Request Forgery
Detecting / Server-Side Request Forgery
Miscellaneous / Server-Side Request Forgery
]]>XSS
Backend (core of Browser implementation, and often refers to C or C++ part)
Reconnaissance / OSINT - Open-Source Intelligence
Upload
SSRF
Frontend (like SOP bypass, URL spoofing, and something like that)
Blogs / Server-Side Request Forgery
AWS / Server-Side Request Forgery
Miscellaneous / Server-Side Request Forgery
]]>Fuzzing / Sub Domain Enumeration
Scanning / Sub Domain Enumeration
]]>Fuzzing / Sub Domain Enumeration
Scanning / Sub Domain Enumeration
XSS - Cross-Site Scripting
Web Cache Poisoning
Remote Code Execution
XSS
SQL Injection
Frontend (like SOP bypass, URL spoofing, and something like that)
Reconnaissance / OSINT - Open-Source Intelligence
Offensive / XSS - Cross-Site Scripting
Webshell / Server-Side Request Forgery
Miscellaneous / Server-Side Request Forgery
AWS
OSINT
XSS
SSRF
Fuzzing / Sub Domain Enumeration
Database
]]>Open Redirect
SSRF
SSRF
Command Injection
Remote Code Execution
CSP
Preventing / Server-Side Request Forgery
CSP
Reconnaissance / Sub Domain Enumeration
Penetration Testing / Sub Domain Enumeration
Offensive / Template Injection
Blogs / Server-Side Request Forgery
SSRF - Server-Side Request Forgery
CSP
Offensive / XSS - Cross-Site Scripting
Frontend (like SOP bypass, URL spoofing, and something like that)
Backend (core of Browser implementation, and often refers to C or C++ part)
]]>ReactJS
Webmail
Blogs / Server-Side Request Forgery
XSS - Cross-Site Scripting
Miscellaneous / Server-Side Request Forgery
]]>Remote Code Execution
Detecting / Server-Side Request Forgery
Database
Reconnaissance / OSINT - Open-Source Intelligence
Fuzzing / Sub Domain Enumeration
Penetration Testing / Sub Domain Enumeration
Miscellaneous / Server-Side Request Forgery
Penetration Testing / Sub Domain Enumeration
Leaking / Server-Side Request Forgery
Miscellaneous / Server-Side Request Forgery
]]>Miscellaneous / Server-Side Request Forgery
]]>Leaking / Server-Side Request Forgery
Backend (core of Browser implementation, and often refers to C or C++ part)
]]>XSS
Miscellaneous / Server-Side Request Forgery
]]>Others
]]>Decompiler / Server-Side Request Forgery
Miscellaneous / Server-Side Request Forgery
SSRF
Reconnaissance / OSINT - Open-Source Intelligence
OSINT
Reconnaissance / OSINT - Open-Source Intelligence
XXE
Forums
CSV Injection
SQL Injection
Command Injection
ORM Injection
FTP Injection
XXE - XML eXternal Entity
CSRF - Cross-Site Request Forgery
Rails
AngularJS
SSL/TLS
NFS
AWS
Sub Domain Enumeration
Web Shell
OSINT
CSP
WAF
JSMVC
Authentication
CSRF
Remote Code Execution
XSS
SSRF
Header Injection
URL
Others
Frontend (like SOP bypass, URL spoofing, and something like that)
Backend (core of Browser implementation, and often refers to C or C++ part)
Database
Auditing
Reconnaissance / OSINT - Open-Source Intelligence
Reconnaissance / Sub Domain Enumeration
Code Generating / Sub Domain Enumeration
Fuzzing / Sub Domain Enumeration
Penetration Testing / Sub Domain Enumeration
Offensive / XSS - Cross-Site Scripting
Offensive / SQL Injection
Leaking / Server-Side Request Forgery
Detecting / Server-Side Request Forgery
Preventing / Server-Side Request Forgery
Proxy / Server-Side Request Forgery
Webshell / Server-Side Request Forgery
Disassembler / Server-Side Request Forgery
Others / Server-Side Request Forgery
Social Engineering Database / Server-Side Request Forgery
Blogs / Server-Side Request Forgery
Twitter Users / Server-Side Request Forgery
Application / Server-Side Request Forgery
AWS / Server-Side Request Forgery
XSS / Server-Side Request Forgery
ModSecurity / OWASP ModSecurity Core Rule Set / Server-Side Request Forgery
Community / Server-Side Request Forgery
Miscellaneous / Server-Side Request Forgery