LOGO
OFFENSIVE | DEFENSIVE | WIKI | ABOUT

[SERVER SIDE ATTACKS]

[SQLi]

INFORMATION DISCLOSURE

BROKEN ACCESS CONTROL

AUTHENTICATION

DIRECTORY/PATH TRAVERSAL

COMMAND INJECTION / RCE

BUSINESS LOGIC

INSECURE DESERIALIZATION

FILE INCLUSION ATTACKS

RACE CONDITIONS

[SSTI]

XXE INJECTION

PROTOTYPE POLLUTION

[SSRF]

HTTP HOST HEADER ATTACK

OAUTH AUTHENTICATION

XPATH INJECTION

NoSQL INJECTION

SOAP

API TESTING

WEB CACHE DECEPTION

©® - Since 2023