Recently Updated
WebApp And Api Pentesting 62
- Stored XSS Dec 31, 2021
- Reflected XSS Dec 31, 2021
- DOM-based XSS Dec 31, 2021
- XPATH Injection Dec 31, 2021
- Unrestricted File Upload -> Bypass Dec 31, 2021
- Unrestricted File Upload Dec 31, 2021
- Server-side request forgery (SSRF) Dec 31, 2021
- Blind Sql Injection -> Time Based Dec 31, 2021
- Sql Injection With Sqlmap Dec 31, 2021
- Sql Injection -> Authentication Bypass Dec 31, 2021
- In-band Sql Injection Dec 31, 2021
- Blind Sql Injection -> Boolean Based Dec 31, 2021
- SMTP header injection Dec 31, 2021
- Stored Html Injection Dec 31, 2021
- Remote File Inclusion Dec 31, 2021
- Nosql Injection Dec 31, 2021
- Multi-Factor Authentication Bypass Dec 31, 2021
- Mass Assignment -> Horizontal Privilege Escalation Dec 31, 2021
- Mass Assignment -> Vertical Privilege Escalation Dec 31, 2021
- JWT Authentication Bypass -> Weak Signing Key Dec 31, 2021
- JWT Authentication Bypass -> Unverified Signature Dec 31, 2021
- JWT Authentication Bypass -> jku header injection Dec 31, 2021
- JWT Authentication Bypass -> Algorithm Confusion Dec 31, 2021
- JWT Authentication Bypass -> None Algorithm Dec 31, 2021
- Insecure Deserialization Dec 31, 2021
- Html Injection Dec 31, 2021
- Host Header Injection -> Password Reset Poisoning Dec 31, 2021
- Host Header Injection -> Authentication Bypass Dec 31, 2021
- Directory Bruteforce Dec 31, 2021
- Cross-Side Request Forgery Dec 31, 2021
- Cross-Origin Resource Sharing Dec 31, 2021
- Code Injection Dec 31, 2021
- Clickjacking Dec 31, 2021
- Captcha Bypass -> Missing Parameter Dec 31, 2021
- Captcha Bypass -> Leaked In HTML Dec 31, 2021
- Captcha Bypass -> Not Expiring After Used Dec 31, 2021
- Captcha Bypass -> Leaked In Cookie Dec 31, 2021
- Captcha Bypass -> OCR Dec 31, 2021
- Broken Authentication -> Weak Password Dec 31, 2021
- Session hijacking -> Session Id In Url Dec 31, 2021
- Broken Authentication -> Username Enumeration Dec 31, 2021
- Session hijacking -> Session Fixation Dec 31, 2021
- Broken Authentication -> Account Takeover Via Multistage Login Dec 31, 2021
- Session hijacking -> Insufficient Session Expiration Dec 31, 2021
- Broken Authentication -> Unencrypted Communication Dec 31, 2021
- Broken Authentication -> Forgot Password - Bad Questions Dec 31, 2021
- Session hijacking -> Predictable session token Dec 31, 2021
- Broken Authentication -> Bruteforce Dec 31, 2021
- Broken Access Control -> IDOR -> Order Dec 31, 2021
- Broken Access Control -> IDOR -> Access File Dec 31, 2021
- Broken Access Control -> IDOR -> View Profile Dec 31, 2021
- Broken Access Control -> MFLAC Dec 31, 2021
- XXE - XML External Entity Dec 31, 2021
- Open Redirection Dec 31, 2021
- Server-Side Template Injection Dec 31, 2021
- Local File Inclusion Dec 31, 2021
- LDAP Injection Dec 31, 2021
- Path traversal Dec 31, 2021
- CRLF Injection Dec 31, 2021
- Blind Command Injection Dec 31, 2021
- Command Injection Dec 31, 2021
- Blind XML External Entity Dec 31, 2021