Web Application Hacker's Handbook Task checklist as a Github-Flavored Markdown file
n1c4n0n
/ extracted_urls_new
Last active
August 8, 2020 16:07
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://yasserali.com/hacking-paypal-accounts-with-one-click/ | |
| http://yifan.lu/2011/12/10/kindle-touch-5-0-jailbreakroot-and-ssh/ | |
| https://0x09al.github.io/waf/bypass/ssl/2018/07/02/web-application-firewall-bypass.html | |
| https://aboulton.blogspot.com/2011/11/new-type-of-vulnerability-lotus-notes.html | |
| https://agrrrdog.blogspot.com/2017/03/autobinding-vulns-and-spring-mvc.html | |
| https://amolnaik4.blogspot.com/2011/03/exploitation-of-self-only-cross-site.html | |
| https://andresriancho.com/recaptcha-bypass-via-http-parameter-pollution/ | |
| https://appsecusa2015.sched.org/speaker/mostafa_siraj.1tssijvd | |
| https://blog.bentkowski.info/2018/07/vulnerability-in-hangouts-chat-aka-how.html | |
| https://blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://aaron.weaver2.googlepages.com/CrossSitePrinting.pdf | |
| http://andrewmcafee.org/2011/02/mcafee-apple-itunes-privacy-hole-violation/ | |
| http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0062.html | |
| http://arstechnica.com/security/2015/02/lenovo-pcs-ship-with-man-in-the-middle-adware-that-breaks-https-connections/ | |
| http://aviv.raffon.net/2008/01/02/YetAnotherDialogSpoofingFirefoxBasicAuthentication.aspx | |
| http://aviv.raffon.net/2008/01/17/SkypeCrosszoneScriptingVulnerability.aspx | |
| http://aviv.raffon.net/2008/05/14/InternetExplorerQuotPrintTableOfLinksquotCrossZoneScriptingVulnerability.aspx | |
| http://aviv.raffon.net/2008/05/31/SafariPwnsInternetExplorer.aspx | |
| http://aviv.raffon.net/2008/10/30/ADifferentOpera.aspx | |
| http://beta.blogger.com/Advanced%20Web%20Attack%20Techniques%20using%20GMail |
n1c4n0n
/ all.txt
Created
May 16, 2020 20:33
— forked from jhaddix/all.txt
all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| . | |
| .. | |
| ........ | |
| @ | |
| * | |
| *.* | |
| *.*.* | |
| 🎠|
n1c4n0n
/ WAHH_Task_Checklist.md
Created
May 16, 2020 20:32
— forked from jhaddix/Testing_Checklist.md
The Web Application Hacker's Handbook - Task Checklist - Github-Flavored Markdown
n1c4n0n
/ cloud_metadata.txt
Created
May 16, 2020 20:32
— forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## IPv6 Tests | |
| http://[::ffff:169.254.169.254] | |
| http://[0:0:0:0:0:ffff:169.254.169.254] | |
| ## AWS | |
| # Amazon Web Services (No Header Required) | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] |