《Web Hacking 101》中的連接整理

原書：Web Hacking 101

HTML 注入

• Coinbase Comments
• HackerOne Unintended HTML Inclusion
• Within Security Content Spoofing

HTTP 參數污染

• HackerOne Social Sharing Buttons
• Twitter Unsubscribe Notifications
• Twitter Web Intents

CRLF 劫持

• Twitter HTTP Response Splitting
• v.shopify.com Response Splitting

CSRF

• Shopify Export Installed Users
• Shopify Twitter Disconnect
• Badoo Full Account Takeover

邏輯漏洞

• Shopify Administrator Privilege Bypass
• Starbucks Race Conditions
• Binary.com Privilege Escalation
• HackerOne Signal Manipulation
• Shopify S3 Buckets Open
• HackerOne S3 Buckets Open
• Bypassing GitLab Two Factor Authentication
• Yahoo PHP Info Disclosure
• HackerOne Hacktivity Voting
• Accessing PornHub's Memcache Installation

XSS

• Shopify Wholesale
• Shopify Giftcard Cart
• Shopify Currency Formatting
• Yahoo Mail Stored XSS
• Google Image Search
• Google Tagmanager Stored XSS

SQL 注入

• Drupal SQL Injection

開放重定向漏洞

• Shopify Theme Install Open Redirect
• Shopify Login Open Redirect
• HackerOne Interstitial Redirect

子域控制

• Ubiquiti sub domain Takeover
• Scan.me Pointing to Zendesk
• Swiping Facebook Official Access Tokens

XXE 注入

• Read Access to Google
• Facebook XXE with Word
• Wikiloc XXE

代碼執行

• Polyvore ImageMagick

模板注入

• Uber Angular Template Injection
• Uber Template Injection
• Rails Dynamic Render

SSRF

• ESEA SSRF and Querying AWS Metadata

內存漏洞

• PHP ftp_genlist()
• Python Hotshot Module
• Libcurl Read Out of Bounds
• PHP Memory Corruption

工具

• Burp Suite
• Knockpy
• HostileSubBruteforcer
• sqlmap
• Nmap
• Eyewitness
• Shodan
• What CMS
• Nikto
• Recon-ng
• idb
• Wireshark
• Bucket Finder
• Google Dorks
• IPV4info.com
• JD GUI
• Mobile Security Framework
• Firefox Plugins
  • FoxyProxy
  • UserAgentSwitcher
  • Firebug
  • Hackbar
  • Websecurify
  • CookieManager+
  • XSS Me
  • Offsec Exploit-db Search
  • Wappalyzer

資源

• OnlineTraining
  • WebApplication Exploits and Defenses
  • The Exploit Database
  • Udacity
• Bug Bounty Platforms
  • Hackerone.com
  • Bugcrowd.com
  • Synack.com
  • Cobalt.io
• Video Tutorials
  • youtube.com/yaworsk1
  • Seccasts.com
  • Twitter#infsec
  • Twitter@disclosedh1
  • Web Application Hackers Handbook
  • Bug Hunters Methodology
• Recommended Blogs
  • philippeharewood.com
  • Philippe'sFacebookPage
  • fin1te.net
  • NahamSec.com
  • blog.it-securityguard.com
  • blog.innerht.ml
  • blog.orange.tw
  • Portswigger Blog
  • Nvisium Blog
  • blog.zsec.uk
  • Bug Crowd Blog
  • HackerOne Blog