Attacks and Vulnerabilities

Broken Authentication

Browser Attacks

Business logic flaws

Bypass Methodology

Clickjacking

Command Injection

CORS Attacks

CORS Misconfig
CORS Bypass

Cross Site Leaks

CSRF - Cross Site Request Forgery

Carriage Return and Line Feed Injection

CRLF Injection

Client Side Template Injection

Client Side Template Injection Scanner - ACSTIS helps you to scan certain web applications for AngularJS Client-Side Template Injection (sometimes referred to as CSTI, sandbox escape or sandbox bypass). It supports scanning a single request but also crawling the entire web application for the AngularJS CSTI vulnerability.

CSV Injection

Dependency Confusion

Deserialization Attacks

Directory Traversal

Directory traversal (also known as file path traversal) is a web security vulnerability that allows an attacker to read arbitrary files on the server that is running an application. This might include application code and data, credentials for back-end systems, and sensitive operating system files.

File Inclusion Vulnerabilities

File inclusion vulnerabilities allow an attacker to include a file into the application's running code. In order to actually exploit a file inclusion vulnerability, we must be able not only to execute code, but also to write our shell payload somewhere.
Identification
  • Discovered the same way as directory traversals
  • Locate parameters you can manipulate and attempt to use them to load arbitrary files
  • We take it one step further and attempt to execute the contents of the file within the application
  • Local file inclusions (LFI) occur when the included file is loaded from the same web server.
    • http://10.11.0.22/menu.php?file=c:\xampp\apache\logs\access.log&cmd=ipconfig
  • Remote file inclusions (RFI) occur when a file is loaded from an external source.

Tools
  • LFISuite - LFI Suite is a totally automatic tool able to scan and exploit Local File Inclusion vulnerabilities using many different methods of attack
  • Liffy - Local File Inclusion Exploitation tool.
  • Kadimus - Kadimus is a tool to check for and exploit LFI vulnerabilities, with a focus on PHP systems.
  • fimap - Fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps.

File Upload

HTML Injection

HTTP Host Header Attacks

HTTP Request Smuggling

Input Fuzzing

Insecure Direct Object Reference

LDAP Injection

Open Redirect Vulnerabilities

Prototype Pollution

  • ppfuzz - A fast tool to scan client-side prototype pollution vulnerability written in Rust.

Security Misconfigurations

Security misconfigurations include:
  • Poorly configured permissions on cloud services, like S3 buckets
  • Having unnecessary features enabled, like services, pages, accounts or privileges
  • Default accounts with unchanged passwords
  • Error messages that are overly detailed and allow an attacker to find out more about the system
  • Not using HTTP security headers, or revealing too much detail in the Server: HTTP header

Sidejacking

  • hamster-sidejack - Hamster is a tool for “sidejacking”. It acts as a proxy server that replaces your cookies with session cookies stolen from somebody else, allowing you to hijack their sessions.

SQL Injection

SSRF: Server Side Request Forgery

SSTI: Server Side Template Injection

X-Path Injection

Web Cache Poisoning

Web Man-In-The-Middle

  • Evilginx2 - Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
  • MITM Proxy - Mitmproxy is your swiss-army knife for debugging, testing, privacy measurements, and penetration testing. It can be used to intercept, inspect, modify and replay web traffic such as HTTP/1, HTTP/2, WebSockets, or any other SSL/TLS-protected protocols.

Web Sockets

XXE - XML External Entity Attacks

XSS - Cross Site Scripting