Web Attacks
HTTP Verb Tampering
HTTP Method
HEAD
PUT
DELETE
OPTIONS
PATCH
Command | Description |
| Set HTTP Method with Curl |
IDOR
Identify IDORS
In
URL parameters & APIs
In
AJAX Calls
By
understanding reference hashing/encoding
By
comparing user roles
Command | Description |
| MD5 hash a string |
| Base64 encode a string |
XXE
Code | Description |
| Define External Entity to a URL |
| Define External Entity to a file path |
| Read PHP source code with base64 encode filter |
| Reading a file through a PHP error |
| Reading a file OOB exfiltration |
Last updated