Link to this headingWeb Exploitation
Auto-generated index for this directory.
Link to this headingRecent Changes
-
Web Scanning.md
Modified: 2026-05-02
Perform advanced MiTM attacks on websites with ease (New BeEF) Malicious Style Sheets for User Tracking⦠-
Cookies.md
Modified: 2026-05-02
Source - Standard HTTP Cookies⦠-
Web Hooks.md
Modified: 2026-05-02
https://hookdeck.com/webhooks/guides/webhooks-security-checklist Request:β¦ -
postMessage.md
Modified: 2026-05-02
A secure way to enable communication between two windows (or tabs) that belong to different origins (domains). Can pass JSON data oneway between origi⦠-
WebRTC.md
Modified: 2026-05-02
P2P for streaming audio, video, and data exchange between browsers. Works through ICE, STUN, and TURN to establish a connection between peers. Connect⦠-
Well-known.md
Modified: 2026-05-02 -
Server-Sent-Events.md
Modified: 2026-05-02
Client: Server:β¦ -
WebTransport.md
Modified: 2026-05-02
https://developer.mozilla.org/en-US/docs/Web/API/WebTransport⦠-
Content Security Policy.md
Modified: 2026-05-02
strong mitigation against cross-site scripting attacks https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP⦠-
Web Sockets.md
Modified: 2026-05-02- A heartbeat is built in to the protocol - Uses the wss:// or ws:// schemaβ¦
Link to this headingDirectory Structure
# π Web Exploitation
## π Deseralization
### π [Ruby Deserialization.md](Deseralization/Ruby%20Deserialization.html)
### π [Python Deseralization.md](Deseralization/Python%20Deseralization.html)
### π [PHP Deseralziation.md](Deseralization/PHP%20Deseralziation.html)
### π [View State.md](Deseralization/View%20State.html)
### π [Node JS Deseralization.md](Deseralization/Node%20JS%20Deseralization.html)
### π [C# Deserialization.md](Deseralization/C#%20Deserialization.html)
### π [Java Deserialization.md](Deseralization/Java%20Deserialization.html)
## π CMS
### π [Drupal.md](CMS/Drupal.html)
### π [WAF Bypass.md](CMS/WAF%20Bypass.html)
### π [Wordpress.md](CMS/Wordpress.html)
## π Cloud
### π Azure
#### π [Azure.md](Cloud/Azure/Azure.html)
### π AWS
#### π Security
#### π Storage
#### π Network
#### π Database
#### π Compute
#### π [SES.md](Cloud/AWS/SES.html)
#### π [Nitro Enclave.md](Cloud/AWS/Nitro%20Enclave.html)
#### π [AWS.md](Cloud/AWS/AWS.html)
#### π [SQS.md](Cloud/AWS/SQS.html)
#### π [SNS.md](Cloud/AWS/SNS.html)
#### π [CloudTrail.md](Cloud/AWS/CloudTrail.html)
### π GCP
#### π [Storage Bucket.md](Cloud/GCP/Storage%20Bucket.html)
#### π [GCP.md](Cloud/GCP/GCP.html)
#### π [Secrets.md](Cloud/GCP/Secrets.html)
### π [Privlage Escaltion.md](Cloud/Privlage%20Escaltion.html)
### π [Cloudflare.md](Cloud/Cloudflare.html)
### π [AWS.md](Cloud/AWS.html)
### π [Cloud.md](Cloud/Cloud.html)
## π Auth
### π [FIDO.md](Auth/FIDO.html)
### π [CWT.md](Auth/CWT.html)
### π [OpenID.md](Auth/OpenID.html)
### π [SOAP.md](Auth/SOAP.html)
### π [OpenID Connect.md](Auth/OpenID%20Connect.html)
### π [Oauth2.md](Auth/Oauth2.html)
### π [SAML.md](Auth/SAML.html)
### π [WebAuthn.md](Auth/WebAuthn.html)
### π [JWT.md](Auth/JWT.html)
### π [OAuth.md](Auth/OAuth.html)
### π [2FA.md](Auth/2FA.html)
### π [Auth.md](Auth/Auth.html)
## π Proxies
### π [Testing Proxies.md](Proxies/Testing%20Proxies.html)
### π [Reverse Proxy.md](Proxies/Reverse%20Proxy.html)
## π Technologies
### π [Cookies.md](Technologies/Cookies.html)
### π [Web Hooks.md](Technologies/Web%20Hooks.html)
### π [postMessage.md](Technologies/postMessage.html)
### π [WebRTC.md](Technologies/WebRTC.html)
### π [CSRF.md](Technologies/CSRF.html)
### π [Well-known.md](Technologies/Well-known.html)
### π [Server-Sent-Events.md](Technologies/Server-Sent-Events.html)
### π [WebTransport.md](Technologies/WebTransport.html)
### π [Content Security Policy.md](Technologies/Content%20Security%20Policy.html)
### π [Web Sockets.md](Technologies/Web%20Sockets.html)
## π Injection
### π YAML
#### π [YAML.md](Injection/YAML/YAML.html)
### π XML
#### π [External Entity XML Injection.md](Injection/XML/External%20Entity%20XML%20Injection.html)
#### π [Internal Entity XML Injection.md](Injection/XML/Internal%20Entity%20XML%20Injection.html)
#### π [ESI.md](Injection/XML/ESI.html)
#### π [XSLT Injection.md](Injection/XML/XSLT%20Injection.html)
### π Databases
#### π NoSQL
#### π [NoSQL.md](Injection/Databases/NoSQL.html)
#### π [MySQL.md](Injection/Databases/MySQL.html)
#### π [Postgres.md](Injection/Databases/Postgres.html)
#### π [MongoDB.md](Injection/Databases/MongoDB.html)
#### π [LDAP.md](Injection/Databases/LDAP.html)
#### π [Oracle Database.md](Injection/Databases/Oracle%20Database.html)
#### π [Neo4j.md](Injection/Databases/Neo4j.html)
#### π [Memcache.md](Injection/Databases/Memcache.html)
#### π [Hibernation.md](Injection/Databases/Hibernation.html)
#### π [SQL_Injection.md](Injection/Databases/SQL_Injection.html)
#### π [GraphQL.md](Injection/Databases/GraphQL.html)
### π XSS
#### π [XSS.md](Injection/XSS/XSS.html)
### π [Request Smuggling.md](Injection/Request%20Smuggling.html)
### π [Pickle.md](Injection/Pickle.html)
### π [Header_Injection.md](Injection/Header_Injection.html)
### π [Template Injection.md](Injection/Template%20Injection.html)
### π [SSI.md](Injection/SSI.html)
### π [View State.md](Injection/View%20State.html)
### π [XPATH.md](Injection/XPATH.html)
### π [JSON.md](Injection/JSON.html)
### π [Injection.md](Injection/Injection.html)
### π [Command Injection.md](Injection/Command%20Injection.html)
### π [Object-Graph Navigation Language Injection.md](Injection/Object-Graph%20Navigation%20Language%20Injection.html)
## π File Upload
### π [Php.md](File%20Upload/Php.html)
### π [Images.md](File%20Upload/Images.html)
### π [PDF.md](File%20Upload/PDF.html)
## π SSRF
### π htaccess
#### π xml-without-body
#### π json-with-body
#### π img-with-body
#### π xml-without-body-md
#### π img-without-body
#### π csv-without-body
#### π csv-without-body-md
#### π csv-with-body
#### π img-without-body-md
#### π json-without-body-md
#### π xml-with-body-md
#### π json-without-body
#### π xml-with-body
#### π csv-with-body-md
#### π json-with-body-md
#### π img-with-body-md
### π ssrf2smtp
### π iframe
### π ffmpeg
### π [cloud-metadata.md](SSRF/cloud-metadata.html)
### π [SSRF.md](SSRF/SSRF.html)
## π [PHP htaccess.md](PHP%20htaccess.html)
## π [File Upload.md](File%20Upload.html)
## π [SSL.md](SSL.html)
## π [API Testing.md](API%20Testing.html)
## π [Web Scanning.md](Web%20Scanning.html)
## π [Automated Web Scanning.md](Automated%20Web%20Scanning.html)
## π [Cache.md](Cache.html)
## π [Javascript.md](Javascript.html)
## π [Parameter Exploits.md](Parameter%20Exploits.html)
## π [Race Conditions.md](Race%20Conditions.html)
## π [HTTP Headers.md](HTTP%20Headers.html)
## π [Browser Exploits.md](Browser%20Exploits.html)
## π [DoS.md](DoS.html)
## π [Botting.md](Botting.html)
## π [Local File Inclusion.md](Local%20File%20Inclusion.html)
## π [Exploits.md](Exploits.html)