I have moved this over to the Tech Interview Cheat Sheet Repo and has been expanded and even has code challenges you can run and practice against!
\
momenbasel
/ headersPentest
Last active
July 1, 2023 14:28
HTTP headers is the language that all web servers speaks, it can be golden gem for security researcher.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| X-Forwarded-Host | |
| X-Forwarded-Port | |
| X-Forwarded-Scheme | |
| Origin: null | |
| Origin: [siteDomain].attacker.com | |
| X-Frame-Options: Allow | |
| X-Forwarded-For: 127.0.0.1 | |
| X-Client-IP: 127.0.0.1 | |
| Client-IP: 127.0.0.1 | |
| ---For injecting BXSS(blind XSS) || SQLI payloads--- |
tsiege
/ The Technical Interview Cheat Sheet.md
Last active
October 13, 2025 20:38
This is my technical interview cheat sheet. Feel free to fork it or do whatever you want with it. PLEASE let me know if there are any errors or if anything crucial is missing. I will add more links soon.