diff --git a/network-services-pentesting/11211-memcache/README.md b/network-services-pentesting/11211-memcache/README.md index 928c2b18a06..cac9441879c 100644 --- a/network-services-pentesting/11211-memcache/README.md +++ b/network-services-pentesting/11211-memcache/README.md @@ -223,3 +223,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/11211-memcache/memcache-commands.md b/network-services-pentesting/11211-memcache/memcache-commands.md index d8d558e1a92..b359dd7e091 100644 --- a/network-services-pentesting/11211-memcache/memcache-commands.md +++ b/network-services-pentesting/11211-memcache/memcache-commands.md @@ -165,3 +165,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/1521-1522-1529-pentesting-oracle-listener/README.md b/network-services-pentesting/1521-1522-1529-pentesting-oracle-listener/README.md index 9f01ef7040b..43bb31fd92f 100644 --- a/network-services-pentesting/1521-1522-1529-pentesting-oracle-listener/README.md +++ b/network-services-pentesting/1521-1522-1529-pentesting-oracle-listener/README.md @@ -89,3 +89,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-finger.md b/network-services-pentesting/pentesting-finger.md index 753640fafc6..e12a515eb86 100644 --- a/network-services-pentesting/pentesting-finger.md +++ b/network-services-pentesting/pentesting-finger.md @@ -109,3 +109,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-ftp/README.md b/network-services-pentesting/pentesting-ftp/README.md index 374d5e91d02..866366c235f 100644 --- a/network-services-pentesting/pentesting-ftp/README.md +++ b/network-services-pentesting/pentesting-ftp/README.md @@ -306,3 +306,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-ftp/ftp-bounce-attack.md b/network-services-pentesting/pentesting-ftp/ftp-bounce-attack.md index 46145fa59e7..f98b812522f 100644 --- a/network-services-pentesting/pentesting-ftp/ftp-bounce-attack.md +++ b/network-services-pentesting/pentesting-ftp/ftp-bounce-attack.md @@ -61,3 +61,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-ftp/ftp-bounce-download-2oftp-file.md b/network-services-pentesting/pentesting-ftp/ftp-bounce-download-2oftp-file.md index 7e62da79da7..81d48c29b29 100644 --- a/network-services-pentesting/pentesting-ftp/ftp-bounce-download-2oftp-file.md +++ b/network-services-pentesting/pentesting-ftp/ftp-bounce-download-2oftp-file.md @@ -72,3 +72,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-irc.md b/network-services-pentesting/pentesting-irc.md index 86f6da765e7..d91c889592b 100644 --- a/network-services-pentesting/pentesting-irc.md +++ b/network-services-pentesting/pentesting-irc.md @@ -110,3 +110,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-jdwp-java-debug-wire-protocol.md b/network-services-pentesting/pentesting-jdwp-java-debug-wire-protocol.md index 5e4dc4b62c8..da79fc5d5c7 100644 --- a/network-services-pentesting/pentesting-jdwp-java-debug-wire-protocol.md +++ b/network-services-pentesting/pentesting-jdwp-java-debug-wire-protocol.md @@ -104,3 +104,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-kerberos-88/README.md b/network-services-pentesting/pentesting-kerberos-88/README.md index eadd55bead7..6040f4293af 100644 --- a/network-services-pentesting/pentesting-kerberos-88/README.md +++ b/network-services-pentesting/pentesting-kerberos-88/README.md @@ -92,3 +92,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-kerberos-88/harvesting-tickets-from-linux.md b/network-services-pentesting/pentesting-kerberos-88/harvesting-tickets-from-linux.md index e65af068ced..2dc5da334d8 100644 --- a/network-services-pentesting/pentesting-kerberos-88/harvesting-tickets-from-linux.md +++ b/network-services-pentesting/pentesting-kerberos-88/harvesting-tickets-from-linux.md @@ -48,3 +48,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-ldap.md b/network-services-pentesting/pentesting-ldap.md index 9666abd0012..ef6fa5e6456 100644 --- a/network-services-pentesting/pentesting-ldap.md +++ b/network-services-pentesting/pentesting-ldap.md @@ -439,3 +439,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-modbus.md b/network-services-pentesting/pentesting-modbus.md index 60ccbf02809..ad24c88c13a 100644 --- a/network-services-pentesting/pentesting-modbus.md +++ b/network-services-pentesting/pentesting-modbus.md @@ -68,3 +68,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-mssql-microsoft-sql-server/types-of-mssql-users.md b/network-services-pentesting/pentesting-mssql-microsoft-sql-server/types-of-mssql-users.md index 9ea2542011c..a1fa32eea96 100644 --- a/network-services-pentesting/pentesting-mssql-microsoft-sql-server/types-of-mssql-users.md +++ b/network-services-pentesting/pentesting-mssql-microsoft-sql-server/types-of-mssql-users.md @@ -49,3 +49,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-mysql.md b/network-services-pentesting/pentesting-mysql.md index 60f08aa89f8..d83fb1d7b2b 100644 --- a/network-services-pentesting/pentesting-mysql.md +++ b/network-services-pentesting/pentesting-mysql.md @@ -688,3 +688,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-ntp.md b/network-services-pentesting/pentesting-ntp.md index eac2bc29eb6..bcc9e869b48 100644 --- a/network-services-pentesting/pentesting-ntp.md +++ b/network-services-pentesting/pentesting-ntp.md @@ -138,3 +138,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-pop.md b/network-services-pentesting/pentesting-pop.md index a33d01c63d9..dc3e3596cbf 100644 --- a/network-services-pentesting/pentesting-pop.md +++ b/network-services-pentesting/pentesting-pop.md @@ -154,4 +154,4 @@ Learn & practice GCP Hacking: -{% endhint %} \ No newline at end of file +{% endhint %} diff --git a/network-services-pentesting/pentesting-postgresql.md b/network-services-pentesting/pentesting-postgresql.md index c3dd1d9bd1f..010f315e16c 100644 --- a/network-services-pentesting/pentesting-postgresql.md +++ b/network-services-pentesting/pentesting-postgresql.md @@ -852,3 +852,4 @@ Use [**Trickest**](https://trickest.com/?utm_source=hacktricks&utm_medium=text&u Get Access Today: {% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=pentesting-postgresql" %} + diff --git a/network-services-pentesting/pentesting-rdp.md b/network-services-pentesting/pentesting-rdp.md index 5e416ce5fb2..d83344daab8 100644 --- a/network-services-pentesting/pentesting-rdp.md +++ b/network-services-pentesting/pentesting-rdp.md @@ -195,3 +195,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-remote-gdbserver.md b/network-services-pentesting/pentesting-remote-gdbserver.md index 6e5d5be58ca..3d8f3167266 100644 --- a/network-services-pentesting/pentesting-remote-gdbserver.md +++ b/network-services-pentesting/pentesting-remote-gdbserver.md @@ -224,3 +224,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-rlogin.md b/network-services-pentesting/pentesting-rlogin.md index 147348e0723..23607eddc91 100644 --- a/network-services-pentesting/pentesting-rlogin.md +++ b/network-services-pentesting/pentesting-rlogin.md @@ -71,3 +71,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-rpcbind.md b/network-services-pentesting/pentesting-rpcbind.md index 00d50903e3e..c0454664f95 100644 --- a/network-services-pentesting/pentesting-rpcbind.md +++ b/network-services-pentesting/pentesting-rpcbind.md @@ -145,3 +145,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-rsh.md b/network-services-pentesting/pentesting-rsh.md index 4b293315291..3edaac32a26 100644 --- a/network-services-pentesting/pentesting-rsh.md +++ b/network-services-pentesting/pentesting-rsh.md @@ -57,3 +57,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-sap.md b/network-services-pentesting/pentesting-sap.md index 34e2a916f9d..4774dcd7163 100644 --- a/network-services-pentesting/pentesting-sap.md +++ b/network-services-pentesting/pentesting-sap.md @@ -423,3 +423,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-smb/README.md b/network-services-pentesting/pentesting-smb/README.md index 2513567f857..700f90a7ad1 100644 --- a/network-services-pentesting/pentesting-smb/README.md +++ b/network-services-pentesting/pentesting-smb/README.md @@ -617,3 +617,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-smb/rpcclient-enumeration.md b/network-services-pentesting/pentesting-smb/rpcclient-enumeration.md index ea87890d0cf..029e7d9993d 100644 --- a/network-services-pentesting/pentesting-smb/rpcclient-enumeration.md +++ b/network-services-pentesting/pentesting-smb/rpcclient-enumeration.md @@ -125,3 +125,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-smtp/README.md b/network-services-pentesting/pentesting-smtp/README.md index ed04cd74b8a..8ce4e25e7b7 100644 --- a/network-services-pentesting/pentesting-smtp/README.md +++ b/network-services-pentesting/pentesting-smtp/README.md @@ -652,3 +652,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-smtp/smtp-commands.md b/network-services-pentesting/pentesting-smtp/smtp-commands.md index 8c5a4f97594..0d99f824390 100644 --- a/network-services-pentesting/pentesting-smtp/smtp-commands.md +++ b/network-services-pentesting/pentesting-smtp/smtp-commands.md @@ -86,3 +86,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-smtp/smtp-smuggling.md b/network-services-pentesting/pentesting-smtp/smtp-smuggling.md index 269b1d652dd..0a3d54c23fc 100644 --- a/network-services-pentesting/pentesting-smtp/smtp-smuggling.md +++ b/network-services-pentesting/pentesting-smtp/smtp-smuggling.md @@ -59,3 +59,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-snmp/README.md b/network-services-pentesting/pentesting-snmp/README.md index a3e3b16b314..9a8854b6829 100644 --- a/network-services-pentesting/pentesting-snmp/README.md +++ b/network-services-pentesting/pentesting-snmp/README.md @@ -319,3 +319,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-snmp/cisco-snmp.md b/network-services-pentesting/pentesting-snmp/cisco-snmp.md index 2252b20a27f..de511c5776c 100644 --- a/network-services-pentesting/pentesting-snmp/cisco-snmp.md +++ b/network-services-pentesting/pentesting-snmp/cisco-snmp.md @@ -76,3 +76,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-snmp/snmp-rce.md b/network-services-pentesting/pentesting-snmp/snmp-rce.md index 97e0ae1e192..62968a654d6 100644 --- a/network-services-pentesting/pentesting-snmp/snmp-rce.md +++ b/network-services-pentesting/pentesting-snmp/snmp-rce.md @@ -83,3 +83,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-telnet.md b/network-services-pentesting/pentesting-telnet.md index aaea8fe330a..ca910ce4fe6 100644 --- a/network-services-pentesting/pentesting-telnet.md +++ b/network-services-pentesting/pentesting-telnet.md @@ -119,3 +119,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-vnc.md b/network-services-pentesting/pentesting-vnc.md index 0e957c3570b..4a30ab115af 100644 --- a/network-services-pentesting/pentesting-vnc.md +++ b/network-services-pentesting/pentesting-vnc.md @@ -88,3 +88,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-voip/README.md b/network-services-pentesting/pentesting-voip/README.md index 3cf7f4c7de8..7da6c81b6ef 100644 --- a/network-services-pentesting/pentesting-voip/README.md +++ b/network-services-pentesting/pentesting-voip/README.md @@ -750,3 +750,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-voip/basic-voip-protocols/README.md b/network-services-pentesting/pentesting-voip/basic-voip-protocols/README.md index d3885c919fd..8b1be7b53cb 100644 --- a/network-services-pentesting/pentesting-voip/basic-voip-protocols/README.md +++ b/network-services-pentesting/pentesting-voip/basic-voip-protocols/README.md @@ -124,3 +124,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-voip/basic-voip-protocols/sip-session-initiation-protocol.md b/network-services-pentesting/pentesting-voip/basic-voip-protocols/sip-session-initiation-protocol.md index c4b1208ab79..b86b4394605 100644 --- a/network-services-pentesting/pentesting-voip/basic-voip-protocols/sip-session-initiation-protocol.md +++ b/network-services-pentesting/pentesting-voip/basic-voip-protocols/sip-session-initiation-protocol.md @@ -271,3 +271,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/403-and-401-bypasses.md b/network-services-pentesting/pentesting-web/403-and-401-bypasses.md index 46596598885..5fd4332353a 100644 --- a/network-services-pentesting/pentesting-web/403-and-401-bypasses.md +++ b/network-services-pentesting/pentesting-web/403-and-401-bypasses.md @@ -160,3 +160,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/README.md b/network-services-pentesting/pentesting-web/README.md index 4ed3520ebc0..304721df48c 100644 --- a/network-services-pentesting/pentesting-web/README.md +++ b/network-services-pentesting/pentesting-web/README.md @@ -463,3 +463,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/aem-adobe-experience-cloud.md b/network-services-pentesting/pentesting-web/aem-adobe-experience-cloud.md index 64b70a13efe..cc52089a420 100644 --- a/network-services-pentesting/pentesting-web/aem-adobe-experience-cloud.md +++ b/network-services-pentesting/pentesting-web/aem-adobe-experience-cloud.md @@ -36,3 +36,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/artifactory-hacking-guide.md b/network-services-pentesting/pentesting-web/artifactory-hacking-guide.md index ffff82064b3..c520c2003bb 100644 --- a/network-services-pentesting/pentesting-web/artifactory-hacking-guide.md +++ b/network-services-pentesting/pentesting-web/artifactory-hacking-guide.md @@ -33,3 +33,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/buckets/README.md b/network-services-pentesting/pentesting-web/buckets/README.md index ff53e566966..09b7b6d075f 100644 --- a/network-services-pentesting/pentesting-web/buckets/README.md +++ b/network-services-pentesting/pentesting-web/buckets/README.md @@ -33,3 +33,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/buckets/firebase-database.md b/network-services-pentesting/pentesting-web/buckets/firebase-database.md index 86767522c8a..b91fd18f9ac 100644 --- a/network-services-pentesting/pentesting-web/buckets/firebase-database.md +++ b/network-services-pentesting/pentesting-web/buckets/firebase-database.md @@ -37,3 +37,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/cgi.md b/network-services-pentesting/pentesting-web/cgi.md index a4f47453156..4f5577469e1 100644 --- a/network-services-pentesting/pentesting-web/cgi.md +++ b/network-services-pentesting/pentesting-web/cgi.md @@ -122,3 +122,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/django.md b/network-services-pentesting/pentesting-web/django.md index 2028f616696..27a97804915 100644 --- a/network-services-pentesting/pentesting-web/django.md +++ b/network-services-pentesting/pentesting-web/django.md @@ -6,3 +6,4 @@ Django's default cache storage method is [Python pickles](https://docs.python.or Django cache is stored in one of four places: [Redis](https://github.com/django/django/blob/48a1929ca050f1333927860ff561f6371706968a/django/core/cache/backends/redis.py#L12), [memory](https://github.com/django/django/blob/48a1929ca050f1333927860ff561f6371706968a/django/core/cache/backends/locmem.py#L16), [files](https://github.com/django/django/blob/48a1929ca050f1333927860ff561f6371706968a/django/core/cache/backends/filebased.py#L16), or a [database](https://github.com/django/django/blob/48a1929ca050f1333927860ff561f6371706968a/django/core/cache/backends/db.py#L95). Cache stored in a Redis server or database are the most likely attack vectors (Redis injection and SQL injection), but an attacker may also be able to use file-based cache to turn an arbitrary write into RCE. Maintainers have marked this as a non-issue. It's important to note that the cache file folder, SQL table name, and Redis server details will vary based on implementation. This HackerOne report provides a great, reproducible example of exploiting Django cache stored in a SQLite database: https://hackerone.com/reports/1415436 + diff --git a/network-services-pentesting/pentesting-web/dotnetnuke-dnn.md b/network-services-pentesting/pentesting-web/dotnetnuke-dnn.md index d6705e72070..39d3e2aefb4 100644 --- a/network-services-pentesting/pentesting-web/dotnetnuke-dnn.md +++ b/network-services-pentesting/pentesting-web/dotnetnuke-dnn.md @@ -68,3 +68,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/drupal/README.md b/network-services-pentesting/pentesting-web/drupal/README.md index 8711cbe906d..a78ec7b3b4c 100644 --- a/network-services-pentesting/pentesting-web/drupal/README.md +++ b/network-services-pentesting/pentesting-web/drupal/README.md @@ -134,4 +134,4 @@ Learn & practice GCP Hacking: 
 * **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
 
 </details>
-{% endhint %}
\ No newline at end of file
+{% endhint %}
diff --git a/network-services-pentesting/pentesting-web/drupal/drupal-rce.md b/network-services-pentesting/pentesting-web/drupal/drupal-rce.md
index f3932d8aa97..12b3089cf7c 100644
--- a/network-services-pentesting/pentesting-web/drupal/drupal-rce.md
+++ b/network-services-pentesting/pentesting-web/drupal/drupal-rce.md
@@ -274,3 +274,4 @@ Learn & practice GCP Hacking: <img src= {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/electron-desktop-apps/electron-contextisolation-rce-via-electron-internal-code.md b/network-services-pentesting/pentesting-web/electron-desktop-apps/electron-contextisolation-rce-via-electron-internal-code.md index fa993ddb590..6614f36354a 100644 --- a/network-services-pentesting/pentesting-web/electron-desktop-apps/electron-contextisolation-rce-via-electron-internal-code.md +++ b/network-services-pentesting/pentesting-web/electron-desktop-apps/electron-contextisolation-rce-via-electron-internal-code.md @@ -87,3 +87,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/electron-desktop-apps/electron-contextisolation-rce-via-ipc.md b/network-services-pentesting/pentesting-web/electron-desktop-apps/electron-contextisolation-rce-via-ipc.md index 9496f77d3ca..fde1a86cd81 100644 --- a/network-services-pentesting/pentesting-web/electron-desktop-apps/electron-contextisolation-rce-via-ipc.md +++ b/network-services-pentesting/pentesting-web/electron-desktop-apps/electron-contextisolation-rce-via-ipc.md @@ -127,3 +127,4 @@ Learn & practice GCP Hacking: 
 
 </details>
 {% endhint %}
+
diff --git a/network-services-pentesting/pentesting-web/electron-desktop-apps/electron-contextisolation-rce-via-preload-code.md b/network-services-pentesting/pentesting-web/electron-desktop-apps/electron-contextisolation-rce-via-preload-code.md
index 55b02376360..31992241a99 100644
--- a/network-services-pentesting/pentesting-web/electron-desktop-apps/electron-contextisolation-rce-via-preload-code.md
+++ b/network-services-pentesting/pentesting-web/electron-desktop-apps/electron-contextisolation-rce-via-preload-code.md
@@ -112,3 +112,4 @@ Learn & practice GCP Hacking: <img src= {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/flask.md b/network-services-pentesting/pentesting-web/flask.md index 5062bfb2212..6b3112bafb9 100644 --- a/network-services-pentesting/pentesting-web/flask.md +++ b/network-services-pentesting/pentesting-web/flask.md @@ -140,3 +140,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/git.md b/network-services-pentesting/pentesting-web/git.md index 75bc59bf350..5c70321765b 100644 --- a/network-services-pentesting/pentesting-web/git.md +++ b/network-services-pentesting/pentesting-web/git.md @@ -47,3 +47,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/golang.md b/network-services-pentesting/pentesting-web/golang.md index 3b13ffdbaa0..36d04109989 100644 --- a/network-services-pentesting/pentesting-web/golang.md +++ b/network-services-pentesting/pentesting-web/golang.md @@ -52,3 +52,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/graphql.md b/network-services-pentesting/pentesting-web/graphql.md index d1bda449bd0..425319bcc9c 100644 --- a/network-services-pentesting/pentesting-web/graphql.md +++ b/network-services-pentesting/pentesting-web/graphql.md @@ -690,3 +690,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/gwt-google-web-toolkit.md b/network-services-pentesting/pentesting-web/gwt-google-web-toolkit.md index 8a0780c9ae9..b6a87fda970 100644 --- a/network-services-pentesting/pentesting-web/gwt-google-web-toolkit.md +++ b/network-services-pentesting/pentesting-web/gwt-google-web-toolkit.md @@ -1,2 +1,3 @@ # GWT - Google Web Toolkit + diff --git a/network-services-pentesting/pentesting-web/h2-java-sql-database.md b/network-services-pentesting/pentesting-web/h2-java-sql-database.md index 28f6f0c3054..3f132a25f6d 100644 --- a/network-services-pentesting/pentesting-web/h2-java-sql-database.md +++ b/network-services-pentesting/pentesting-web/h2-java-sql-database.md @@ -66,3 +66,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/iis-internet-information-services.md b/network-services-pentesting/pentesting-web/iis-internet-information-services.md index 0866abc8a7f..2eed56b09e5 100644 --- a/network-services-pentesting/pentesting-web/iis-internet-information-services.md +++ b/network-services-pentesting/pentesting-web/iis-internet-information-services.md @@ -301,3 +301,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/imagemagick-security.md b/network-services-pentesting/pentesting-web/imagemagick-security.md index 4bd92d5d393..b1a28ede883 100644 --- a/network-services-pentesting/pentesting-web/imagemagick-security.md +++ b/network-services-pentesting/pentesting-web/imagemagick-security.md @@ -69,3 +69,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/jboss.md b/network-services-pentesting/pentesting-web/jboss.md index a33eef281ea..fd468e51254 100644 --- a/network-services-pentesting/pentesting-web/jboss.md +++ b/network-services-pentesting/pentesting-web/jboss.md @@ -58,3 +58,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/jira.md b/network-services-pentesting/pentesting-web/jira.md index 882c3cf65dd..4d82adcac7c 100644 --- a/network-services-pentesting/pentesting-web/jira.md +++ b/network-services-pentesting/pentesting-web/jira.md @@ -155,3 +155,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/joomla.md b/network-services-pentesting/pentesting-web/joomla.md index d4b859edcbc..eb3171a8172 100644 --- a/network-services-pentesting/pentesting-web/joomla.md +++ b/network-services-pentesting/pentesting-web/joomla.md @@ -161,3 +161,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/jsp.md b/network-services-pentesting/pentesting-web/jsp.md index 28dd4c27652..fb8438d2add 100644 --- a/network-services-pentesting/pentesting-web/jsp.md +++ b/network-services-pentesting/pentesting-web/jsp.md @@ -41,3 +41,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/laravel.md b/network-services-pentesting/pentesting-web/laravel.md index 3b4742890ee..99e66fbace6 100644 --- a/network-services-pentesting/pentesting-web/laravel.md +++ b/network-services-pentesting/pentesting-web/laravel.md @@ -140,3 +140,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/moodle.md b/network-services-pentesting/pentesting-web/moodle.md index f371fc1bb03..b0af4aeb2cc 100644 --- a/network-services-pentesting/pentesting-web/moodle.md +++ b/network-services-pentesting/pentesting-web/moodle.md @@ -145,3 +145,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/nextjs.md b/network-services-pentesting/pentesting-web/nextjs.md index 05a7d64cfee..18bd9f958b0 100644 --- a/network-services-pentesting/pentesting-web/nextjs.md +++ b/network-services-pentesting/pentesting-web/nextjs.md @@ -35,3 +35,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/nginx.md b/network-services-pentesting/pentesting-web/nginx.md index 3e5e380d8da..3ce15c09069 100644 --- a/network-services-pentesting/pentesting-web/nginx.md +++ b/network-services-pentesting/pentesting-web/nginx.md @@ -340,3 +340,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/nodejs-express.md b/network-services-pentesting/pentesting-web/nodejs-express.md index 96d0b27e651..49e13326668 100644 --- a/network-services-pentesting/pentesting-web/nodejs-express.md +++ b/network-services-pentesting/pentesting-web/nodejs-express.md @@ -35,3 +35,4 @@ iI you know the secret you can sign a the cookie. ```bash cookie-monster -e -f new_cookie.json -k secret ``` + diff --git a/network-services-pentesting/pentesting-web/php-tricks-esp/README.md b/network-services-pentesting/pentesting-web/php-tricks-esp/README.md index 7787264b75c..7f0d365236f 100644 --- a/network-services-pentesting/pentesting-web/php-tricks-esp/README.md +++ b/network-services-pentesting/pentesting-web/php-tricks-esp/README.md @@ -546,3 +546,4 @@ Learn & practice GCP Hacking: 
 
 </details>
 {% endhint %}
+
diff --git a/network-services-pentesting/pentesting-web/php-tricks-esp/php-rce-abusing-object-creation-new-usd_get-a-usd_get-b.md b/network-services-pentesting/pentesting-web/php-tricks-esp/php-rce-abusing-object-creation-new-usd_get-a-usd_get-b.md
index 93a27d38787..92ef27fcd08 100644
--- a/network-services-pentesting/pentesting-web/php-tricks-esp/php-rce-abusing-object-creation-new-usd_get-a-usd_get-b.md
+++ b/network-services-pentesting/pentesting-web/php-tricks-esp/php-rce-abusing-object-creation-new-usd_get-a-usd_get-b.md
@@ -128,3 +128,4 @@ Learn & practice GCP Hacking: <img src= {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/php-tricks-esp/php-ssrf.md b/network-services-pentesting/pentesting-web/php-tricks-esp/php-ssrf.md index bc9a5b66b9a..0818b3f68cf 100644 --- a/network-services-pentesting/pentesting-web/php-tricks-esp/php-ssrf.md +++ b/network-services-pentesting/pentesting-web/php-tricks-esp/php-ssrf.md @@ -95,3 +95,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass/README.md b/network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass/README.md index 7e53e7f2644..007a244bba5 100644 --- a/network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass/README.md +++ b/network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass/README.md @@ -842,3 +842,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass/disable_functions-bypass-dl-function.md b/network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass/disable_functions-bypass-dl-function.md index 1f683f57b21..c12ab224614 100644 --- a/network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass/disable_functions-bypass-dl-function.md +++ b/network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass/disable_functions-bypass-dl-function.md @@ -110,3 +110,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass/disable_functions-bypass-php-fpm-fastcgi.md b/network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass/disable_functions-bypass-php-fpm-fastcgi.md index 899423ddb17..74dd285796a 100644 --- a/network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass/disable_functions-bypass-php-fpm-fastcgi.md +++ b/network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass/disable_functions-bypass-php-fpm-fastcgi.md @@ -461,3 +461,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass/disable_functions-bypass-php-less-than-5.2.9-on-windows.md b/network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass/disable_functions-bypass-php-less-than-5.2.9-on-windows.md index 2787af9d8d7..6a20dbe3c9b 100644 --- a/network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass/disable_functions-bypass-php-less-than-5.2.9-on-windows.md +++ b/network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass/disable_functions-bypass-php-less-than-5.2.9-on-windows.md @@ -103,3 +103,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/put-method-webdav.md b/network-services-pentesting/pentesting-web/put-method-webdav.md index ae60051a8f1..257ad2378f7 100644 --- a/network-services-pentesting/pentesting-web/put-method-webdav.md +++ b/network-services-pentesting/pentesting-web/put-method-webdav.md @@ -148,3 +148,4 @@ Use [**Trickest**](https://trickest.com/?utm_source=hacktricks\&utm_medium=text\ Get Access Today: {% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=put-method-webdav" %} + diff --git a/network-services-pentesting/pentesting-web/python.md b/network-services-pentesting/pentesting-web/python.md index 180b2fc5d1c..914ba6bad49 100644 --- a/network-services-pentesting/pentesting-web/python.md +++ b/network-services-pentesting/pentesting-web/python.md @@ -51,3 +51,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/rocket-chat.md b/network-services-pentesting/pentesting-web/rocket-chat.md index 4602e96b9b0..d72531c7e34 100644 --- a/network-services-pentesting/pentesting-web/rocket-chat.md +++ b/network-services-pentesting/pentesting-web/rocket-chat.md @@ -69,3 +69,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/special-http-headers.md b/network-services-pentesting/pentesting-web/special-http-headers.md index 2e7992b0141..1c69098545a 100644 --- a/network-services-pentesting/pentesting-web/special-http-headers.md +++ b/network-services-pentesting/pentesting-web/special-http-headers.md @@ -226,3 +226,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/spring-actuators.md b/network-services-pentesting/pentesting-web/spring-actuators.md index 25b9b4bbee2..fd579e02647 100644 --- a/network-services-pentesting/pentesting-web/spring-actuators.md +++ b/network-services-pentesting/pentesting-web/spring-actuators.md @@ -89,3 +89,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/symphony.md b/network-services-pentesting/pentesting-web/symphony.md index 8895cd9e76e..e9f6c825fec 100644 --- a/network-services-pentesting/pentesting-web/symphony.md +++ b/network-services-pentesting/pentesting-web/symphony.md @@ -35,3 +35,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/tomcat/README.md b/network-services-pentesting/pentesting-web/tomcat/README.md index 7bf01a0184c..88940a50ad5 100644 --- a/network-services-pentesting/pentesting-web/tomcat/README.md +++ b/network-services-pentesting/pentesting-web/tomcat/README.md @@ -290,3 +290,4 @@ Learn & practice GCP Hacking: 
 
 </details>
 {% endhint %}
+
diff --git a/network-services-pentesting/pentesting-web/uncovering-cloudflare.md b/network-services-pentesting/pentesting-web/uncovering-cloudflare.md
index e2d6f4fce67..47d871ec4a0 100644
--- a/network-services-pentesting/pentesting-web/uncovering-cloudflare.md
+++ b/network-services-pentesting/pentesting-web/uncovering-cloudflare.md
@@ -168,3 +168,4 @@ Learn & practice GCP Hacking: <img src= {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/vmware-esx-vcenter....md b/network-services-pentesting/pentesting-web/vmware-esx-vcenter....md index c0d0070f592..9687024b580 100644 --- a/network-services-pentesting/pentesting-web/vmware-esx-vcenter....md +++ b/network-services-pentesting/pentesting-web/vmware-esx-vcenter....md @@ -56,3 +56,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/werkzeug.md b/network-services-pentesting/pentesting-web/werkzeug.md index 8ce72c8c76d..ebcbd02670e 100644 --- a/network-services-pentesting/pentesting-web/werkzeug.md +++ b/network-services-pentesting/pentesting-web/werkzeug.md @@ -212,3 +212,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/network-services-pentesting/pentesting-web/wordpress.md b/network-services-pentesting/pentesting-web/wordpress.md index 4a54e5b48bd..28fdbb91930 100644 --- a/network-services-pentesting/pentesting-web/wordpress.md +++ b/network-services-pentesting/pentesting-web/wordpress.md @@ -499,3 +499,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/2fa-bypass.md b/pentesting-web/2fa-bypass.md index d40acb17322..2d67fd88a18 100644 --- a/pentesting-web/2fa-bypass.md +++ b/pentesting-web/2fa-bypass.md @@ -155,3 +155,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/abusing-hop-by-hop-headers.md b/pentesting-web/abusing-hop-by-hop-headers.md index 946098dda2f..2ae296e39e5 100644 --- a/pentesting-web/abusing-hop-by-hop-headers.md +++ b/pentesting-web/abusing-hop-by-hop-headers.md @@ -78,3 +78,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/account-takeover.md b/pentesting-web/account-takeover.md index 82d1ea2135d..5e7062e6f82 100644 --- a/pentesting-web/account-takeover.md +++ b/pentesting-web/account-takeover.md @@ -148,3 +148,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/browser-extension-pentesting-methodology/README.md b/pentesting-web/browser-extension-pentesting-methodology/README.md index 6c5824d0743..3a0b0319653 100644 --- a/pentesting-web/browser-extension-pentesting-methodology/README.md +++ b/pentesting-web/browser-extension-pentesting-methodology/README.md @@ -791,3 +791,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/browser-extension-pentesting-methodology/browext-clickjacking.md b/pentesting-web/browser-extension-pentesting-methodology/browext-clickjacking.md index 4d29c15cde5..165c8b29cbf 100644 --- a/pentesting-web/browser-extension-pentesting-methodology/browext-clickjacking.md +++ b/pentesting-web/browser-extension-pentesting-methodology/browext-clickjacking.md @@ -129,3 +129,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/browser-extension-pentesting-methodology/browext-permissions-and-host_permissions.md b/pentesting-web/browser-extension-pentesting-methodology/browext-permissions-and-host_permissions.md index 557cc162038..15b57f881c6 100644 --- a/pentesting-web/browser-extension-pentesting-methodology/browext-permissions-and-host_permissions.md +++ b/pentesting-web/browser-extension-pentesting-methodology/browext-permissions-and-host_permissions.md @@ -141,3 +141,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/browser-extension-pentesting-methodology/browext-xss-example.md b/pentesting-web/browser-extension-pentesting-methodology/browext-xss-example.md index d9dc0fdd191..2d06fb643a4 100644 --- a/pentesting-web/browser-extension-pentesting-methodology/browext-xss-example.md +++ b/pentesting-web/browser-extension-pentesting-methodology/browext-xss-example.md @@ -134,3 +134,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/bypass-payment-process.md b/pentesting-web/bypass-payment-process.md index 1d3a44269b2..6c39f77da8b 100644 --- a/pentesting-web/bypass-payment-process.md +++ b/pentesting-web/bypass-payment-process.md @@ -61,3 +61,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/cache-deception/cache-poisoning-to-dos.md b/pentesting-web/cache-deception/cache-poisoning-to-dos.md index b7993561c29..b50c389c7b3 100644 --- a/pentesting-web/cache-deception/cache-poisoning-to-dos.md +++ b/pentesting-web/cache-deception/cache-poisoning-to-dos.md @@ -170,3 +170,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/cache-deception/cache-poisoning-via-url-discrepancies.md b/pentesting-web/cache-deception/cache-poisoning-via-url-discrepancies.md index 9b28e61d914..f8c03f802bf 100644 --- a/pentesting-web/cache-deception/cache-poisoning-via-url-discrepancies.md +++ b/pentesting-web/cache-deception/cache-poisoning-via-url-discrepancies.md @@ -77,3 +77,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/captcha-bypass.md b/pentesting-web/captcha-bypass.md index e5de64d620e..43a696bd04a 100644 --- a/pentesting-web/captcha-bypass.md +++ b/pentesting-web/captcha-bypass.md @@ -61,3 +61,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/clickjacking.md b/pentesting-web/clickjacking.md index 634d83ec375..e113a29a5e9 100644 --- a/pentesting-web/clickjacking.md +++ b/pentesting-web/clickjacking.md @@ -241,3 +241,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/client-side-path-traversal.md b/pentesting-web/client-side-path-traversal.md index a382b11ca51..5e67b71af90 100644 --- a/pentesting-web/client-side-path-traversal.md +++ b/pentesting-web/client-side-path-traversal.md @@ -40,3 +40,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/client-side-template-injection-csti.md b/pentesting-web/client-side-template-injection-csti.md index 8dfefa3eacb..dec9c607085 100644 --- a/pentesting-web/client-side-template-injection-csti.md +++ b/pentesting-web/client-side-template-injection-csti.md @@ -126,3 +126,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/command-injection.md b/pentesting-web/command-injection.md index 8d4220e680d..b0ab2f72da5 100644 --- a/pentesting-web/command-injection.md +++ b/pentesting-web/command-injection.md @@ -181,3 +181,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/content-security-policy-csp-bypass/csp-bypass-self-+-unsafe-inline-with-iframes.md b/pentesting-web/content-security-policy-csp-bypass/csp-bypass-self-+-unsafe-inline-with-iframes.md index ca7ebde909f..115e7898fc4 100644 --- a/pentesting-web/content-security-policy-csp-bypass/csp-bypass-self-+-unsafe-inline-with-iframes.md +++ b/pentesting-web/content-security-policy-csp-bypass/csp-bypass-self-+-unsafe-inline-with-iframes.md @@ -93,3 +93,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/crlf-0d-0a.md b/pentesting-web/crlf-0d-0a.md index d227ae53145..cd03ec8aebe 100644 --- a/pentesting-web/crlf-0d-0a.md +++ b/pentesting-web/crlf-0d-0a.md @@ -254,3 +254,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/csrf-cross-site-request-forgery.md b/pentesting-web/csrf-cross-site-request-forgery.md index a0cb0237639..688349483b9 100644 --- a/pentesting-web/csrf-cross-site-request-forgery.md +++ b/pentesting-web/csrf-cross-site-request-forgery.md @@ -653,3 +653,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/dangling-markup-html-scriptless-injection/README.md b/pentesting-web/dangling-markup-html-scriptless-injection/README.md index 59de630ac42..a4b1ac310a1 100644 --- a/pentesting-web/dangling-markup-html-scriptless-injection/README.md +++ b/pentesting-web/dangling-markup-html-scriptless-injection/README.md @@ -297,3 +297,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/dangling-markup-html-scriptless-injection/ss-leaks.md b/pentesting-web/dangling-markup-html-scriptless-injection/ss-leaks.md index c2c42faa5e8..5bbc89396bc 100644 --- a/pentesting-web/dangling-markup-html-scriptless-injection/ss-leaks.md +++ b/pentesting-web/dangling-markup-html-scriptless-injection/ss-leaks.md @@ -31,3 +31,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/dependency-confusion.md b/pentesting-web/dependency-confusion.md index 5ff01deb7a0..235a3807ce1 100644 --- a/pentesting-web/dependency-confusion.md +++ b/pentesting-web/dependency-confusion.md @@ -77,3 +77,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/deserialization/README.md b/pentesting-web/deserialization/README.md index 33c59a24fd2..090939e2995 100644 --- a/pentesting-web/deserialization/README.md +++ b/pentesting-web/deserialization/README.md @@ -988,3 +988,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/deserialization/basic-.net-deserialization-objectdataprovider-gadgets-expandedwrapper-and-json.net.md b/pentesting-web/deserialization/basic-.net-deserialization-objectdataprovider-gadgets-expandedwrapper-and-json.net.md index 0f26488e85e..76de4ce3e70 100644 --- a/pentesting-web/deserialization/basic-.net-deserialization-objectdataprovider-gadgets-expandedwrapper-and-json.net.md +++ b/pentesting-web/deserialization/basic-.net-deserialization-objectdataprovider-gadgets-expandedwrapper-and-json.net.md @@ -221,3 +221,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/deserialization/basic-java-deserialization-objectinputstream-readobject.md b/pentesting-web/deserialization/basic-java-deserialization-objectinputstream-readobject.md index 030ec10e805..e72fa960898 100644 --- a/pentesting-web/deserialization/basic-java-deserialization-objectinputstream-readobject.md +++ b/pentesting-web/deserialization/basic-java-deserialization-objectinputstream-readobject.md @@ -119,3 +119,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/deserialization/java-dns-deserialization-and-gadgetprobe.md b/pentesting-web/deserialization/java-dns-deserialization-and-gadgetprobe.md index 57aa09edc47..99b8d40c548 100644 --- a/pentesting-web/deserialization/java-dns-deserialization-and-gadgetprobe.md +++ b/pentesting-web/deserialization/java-dns-deserialization-and-gadgetprobe.md @@ -225,3 +225,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/deserialization/java-jsf-viewstate-.faces-deserialization.md b/pentesting-web/deserialization/java-jsf-viewstate-.faces-deserialization.md index 68c810640cb..4c6cfd8fd96 100644 --- a/pentesting-web/deserialization/java-jsf-viewstate-.faces-deserialization.md +++ b/pentesting-web/deserialization/java-jsf-viewstate-.faces-deserialization.md @@ -36,3 +36,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/deserialization/jndi-java-naming-and-directory-interface-and-log4shell.md b/pentesting-web/deserialization/jndi-java-naming-and-directory-interface-and-log4shell.md index e966d65df9c..711ef419c88 100644 --- a/pentesting-web/deserialization/jndi-java-naming-and-directory-interface-and-log4shell.md +++ b/pentesting-web/deserialization/jndi-java-naming-and-directory-interface-and-log4shell.md @@ -491,3 +491,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/deserialization/nodejs-proto-prototype-pollution/README.md b/pentesting-web/deserialization/nodejs-proto-prototype-pollution/README.md index abe79870416..94935e730d9 100644 --- a/pentesting-web/deserialization/nodejs-proto-prototype-pollution/README.md +++ b/pentesting-web/deserialization/nodejs-proto-prototype-pollution/README.md @@ -405,3 +405,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/deserialization/nodejs-proto-prototype-pollution/client-side-prototype-pollution.md b/pentesting-web/deserialization/nodejs-proto-prototype-pollution/client-side-prototype-pollution.md index 59202b41643..e72d8b909fe 100644 --- a/pentesting-web/deserialization/nodejs-proto-prototype-pollution/client-side-prototype-pollution.md +++ b/pentesting-web/deserialization/nodejs-proto-prototype-pollution/client-side-prototype-pollution.md @@ -142,3 +142,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/deserialization/nodejs-proto-prototype-pollution/express-prototype-pollution-gadgets.md b/pentesting-web/deserialization/nodejs-proto-prototype-pollution/express-prototype-pollution-gadgets.md index c2555520040..c0c7ca10b8b 100644 --- a/pentesting-web/deserialization/nodejs-proto-prototype-pollution/express-prototype-pollution-gadgets.md +++ b/pentesting-web/deserialization/nodejs-proto-prototype-pollution/express-prototype-pollution-gadgets.md @@ -150,3 +150,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/deserialization/nodejs-proto-prototype-pollution/prototype-pollution-to-rce.md b/pentesting-web/deserialization/nodejs-proto-prototype-pollution/prototype-pollution-to-rce.md index 94db19eb0c0..0fb200a3420 100644 --- a/pentesting-web/deserialization/nodejs-proto-prototype-pollution/prototype-pollution-to-rce.md +++ b/pentesting-web/deserialization/nodejs-proto-prototype-pollution/prototype-pollution-to-rce.md @@ -744,3 +744,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/deserialization/php-deserialization-+-autoload-classes.md b/pentesting-web/deserialization/php-deserialization-+-autoload-classes.md index 6a5eea14874..d066b6c1b03 100644 --- a/pentesting-web/deserialization/php-deserialization-+-autoload-classes.md +++ b/pentesting-web/deserialization/php-deserialization-+-autoload-classes.md @@ -99,3 +99,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/deserialization/python-yaml-deserialization.md b/pentesting-web/deserialization/python-yaml-deserialization.md index 477a65b21f7..e42354f6064 100644 --- a/pentesting-web/deserialization/python-yaml-deserialization.md +++ b/pentesting-web/deserialization/python-yaml-deserialization.md @@ -175,3 +175,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/deserialization/ruby-class-pollution.md b/pentesting-web/deserialization/ruby-class-pollution.md index b6a3c21ad60..c373818ebbd 100644 --- a/pentesting-web/deserialization/ruby-class-pollution.md +++ b/pentesting-web/deserialization/ruby-class-pollution.md @@ -448,3 +448,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/domain-subdomain-takeover.md b/pentesting-web/domain-subdomain-takeover.md index 86378e62dd0..ebc923f6cb9 100644 --- a/pentesting-web/domain-subdomain-takeover.md +++ b/pentesting-web/domain-subdomain-takeover.md @@ -120,3 +120,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/email-injections.md b/pentesting-web/email-injections.md index 861cb121f64..ea8dc7c7faf 100644 --- a/pentesting-web/email-injections.md +++ b/pentesting-web/email-injections.md @@ -247,3 +247,4 @@ Use [**Trickest**](https://trickest.com/?utm_source=hacktricks\&utm_medium=text\ Get Access Today: {% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=email-injections" %} + diff --git a/pentesting-web/file-inclusion/README.md b/pentesting-web/file-inclusion/README.md index 0d87a5116b4..128b33c10ce 100644 --- a/pentesting-web/file-inclusion/README.md +++ b/pentesting-web/file-inclusion/README.md @@ -771,3 +771,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/file-inclusion/lfi2rce-via-compress.zlib-+-php_stream_prefer_studio-+-path-disclosure.md b/pentesting-web/file-inclusion/lfi2rce-via-compress.zlib-+-php_stream_prefer_studio-+-path-disclosure.md index bfd8bb733ef..6f9c8750584 100644 --- a/pentesting-web/file-inclusion/lfi2rce-via-compress.zlib-+-php_stream_prefer_studio-+-path-disclosure.md +++ b/pentesting-web/file-inclusion/lfi2rce-via-compress.zlib-+-php_stream_prefer_studio-+-path-disclosure.md @@ -67,3 +67,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/file-inclusion/lfi2rce-via-eternal-waiting.md b/pentesting-web/file-inclusion/lfi2rce-via-eternal-waiting.md index 252446f05a3..7458e3842f9 100644 --- a/pentesting-web/file-inclusion/lfi2rce-via-eternal-waiting.md +++ b/pentesting-web/file-inclusion/lfi2rce-via-eternal-waiting.md @@ -127,3 +127,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/file-inclusion/lfi2rce-via-nginx-temp-files.md b/pentesting-web/file-inclusion/lfi2rce-via-nginx-temp-files.md index 78c85e3e689..6d3f0c0d489 100644 --- a/pentesting-web/file-inclusion/lfi2rce-via-nginx-temp-files.md +++ b/pentesting-web/file-inclusion/lfi2rce-via-nginx-temp-files.md @@ -74,3 +74,4 @@ Learn & practice GCP Hacking: {% endhint %} ``` + diff --git a/pentesting-web/file-inclusion/lfi2rce-via-php-filters.md b/pentesting-web/file-inclusion/lfi2rce-via-php-filters.md index e7ae44af60c..1b2daae0e3e 100644 --- a/pentesting-web/file-inclusion/lfi2rce-via-php-filters.md +++ b/pentesting-web/file-inclusion/lfi2rce-via-php-filters.md @@ -303,3 +303,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/file-inclusion/lfi2rce-via-phpinfo.md b/pentesting-web/file-inclusion/lfi2rce-via-phpinfo.md index 8b9ee626800..ff9af12588f 100644 --- a/pentesting-web/file-inclusion/lfi2rce-via-phpinfo.md +++ b/pentesting-web/file-inclusion/lfi2rce-via-phpinfo.md @@ -103,3 +103,4 @@ Learn & practice GCP Hacking: -{% endhint %} \ No newline at end of file +{% endhint %} diff --git a/pentesting-web/file-inclusion/lfi2rce-via-temp-file-uploads.md b/pentesting-web/file-inclusion/lfi2rce-via-temp-file-uploads.md index 80797472a3b..f6c7f60fbba 100644 --- a/pentesting-web/file-inclusion/lfi2rce-via-temp-file-uploads.md +++ b/pentesting-web/file-inclusion/lfi2rce-via-temp-file-uploads.md @@ -66,3 +66,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/file-inclusion/via-php_session_upload_progress.md b/pentesting-web/file-inclusion/via-php_session_upload_progress.md index 0c5a0dc5dca..f9ee1501947 100644 --- a/pentesting-web/file-inclusion/via-php_session_upload_progress.md +++ b/pentesting-web/file-inclusion/via-php_session_upload_progress.md @@ -63,4 +63,4 @@ Learn & practice GCP Hacking: -{% endhint %} \ No newline at end of file +{% endhint %} diff --git a/pentesting-web/file-upload/README.md b/pentesting-web/file-upload/README.md index a8e6c609781..6a7ba150839 100644 --- a/pentesting-web/file-upload/README.md +++ b/pentesting-web/file-upload/README.md @@ -361,3 +361,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/file-upload/pdf-upload-xxe-and-cors-bypass.md b/pentesting-web/file-upload/pdf-upload-xxe-and-cors-bypass.md index cddbfb1a5d5..e762791ea4e 100644 --- a/pentesting-web/file-upload/pdf-upload-xxe-and-cors-bypass.md +++ b/pentesting-web/file-upload/pdf-upload-xxe-and-cors-bypass.md @@ -31,3 +31,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/formula-csv-doc-latex-ghostscript-injection.md b/pentesting-web/formula-csv-doc-latex-ghostscript-injection.md index 68bfeea4b11..6320026b4a3 100644 --- a/pentesting-web/formula-csv-doc-latex-ghostscript-injection.md +++ b/pentesting-web/formula-csv-doc-latex-ghostscript-injection.md @@ -225,3 +225,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/grpc-web-pentest.md b/pentesting-web/grpc-web-pentest.md index 3b6e96453b2..3c3ad2b59dd 100644 --- a/pentesting-web/grpc-web-pentest.md +++ b/pentesting-web/grpc-web-pentest.md @@ -160,4 +160,4 @@ Learn & practice GCP Hacking: -{% endhint %} \ No newline at end of file +{% endhint %} diff --git a/pentesting-web/h2c-smuggling.md b/pentesting-web/h2c-smuggling.md index 4e4778bc66c..25c7f87403d 100644 --- a/pentesting-web/h2c-smuggling.md +++ b/pentesting-web/h2c-smuggling.md @@ -120,3 +120,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/hacking-jwt-json-web-tokens.md b/pentesting-web/hacking-jwt-json-web-tokens.md index 38431974e60..87892e89c08 100644 --- a/pentesting-web/hacking-jwt-json-web-tokens.md +++ b/pentesting-web/hacking-jwt-json-web-tokens.md @@ -302,3 +302,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/http-connection-contamination.md b/pentesting-web/http-connection-contamination.md index 881466d7aec..907fd42b0f0 100644 --- a/pentesting-web/http-connection-contamination.md +++ b/pentesting-web/http-connection-contamination.md @@ -45,3 +45,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/http-connection-request-smuggling.md b/pentesting-web/http-connection-request-smuggling.md index 45296f7ceec..96e3a8654f3 100644 --- a/pentesting-web/http-connection-request-smuggling.md +++ b/pentesting-web/http-connection-request-smuggling.md @@ -63,3 +63,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/http-response-smuggling-desync.md b/pentesting-web/http-response-smuggling-desync.md index f682e30b32e..b01eaa49b70 100644 --- a/pentesting-web/http-response-smuggling-desync.md +++ b/pentesting-web/http-response-smuggling-desync.md @@ -157,3 +157,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/idor.md b/pentesting-web/idor.md index a9ad6d34ba9..bde21e99172 100644 --- a/pentesting-web/idor.md +++ b/pentesting-web/idor.md @@ -33,3 +33,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/ldap-injection.md b/pentesting-web/ldap-injection.md index 819ca425e4e..14ddd133040 100644 --- a/pentesting-web/ldap-injection.md +++ b/pentesting-web/ldap-injection.md @@ -256,3 +256,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/nosql-injection.md b/pentesting-web/nosql-injection.md index bd2c16ac10c..5dc8ea2b856 100644 --- a/pentesting-web/nosql-injection.md +++ b/pentesting-web/nosql-injection.md @@ -304,3 +304,4 @@ Use [**Trickest**](https://trickest.com/?utm_source=hacktricks&utm_medium=text&u Get Access Today: {% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=nosql-injection" %} + diff --git a/pentesting-web/oauth-to-account-takeover.md b/pentesting-web/oauth-to-account-takeover.md index 040075d514d..c33730c3047 100644 --- a/pentesting-web/oauth-to-account-takeover.md +++ b/pentesting-web/oauth-to-account-takeover.md @@ -266,3 +266,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/open-redirect.md b/pentesting-web/open-redirect.md index 5faee5c9325..94a8ebbbf04 100644 --- a/pentesting-web/open-redirect.md +++ b/pentesting-web/open-redirect.md @@ -224,3 +224,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/orm-injection.md b/pentesting-web/orm-injection.md index c1a0b109e41..34d6cd9198f 100644 --- a/pentesting-web/orm-injection.md +++ b/pentesting-web/orm-injection.md @@ -363,3 +363,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/parameter-pollution.md b/pentesting-web/parameter-pollution.md index 7b6f5568346..b2a526a810b 100644 --- a/pentesting-web/parameter-pollution.md +++ b/pentesting-web/parameter-pollution.md @@ -263,3 +263,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/phone-number-injections.md b/pentesting-web/phone-number-injections.md index 5e7a145335e..97331b8dffe 100644 --- a/pentesting-web/phone-number-injections.md +++ b/pentesting-web/phone-number-injections.md @@ -43,3 +43,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/proxy-waf-protections-bypass.md b/pentesting-web/proxy-waf-protections-bypass.md index c1f44e75b33..d791df2bfda 100644 --- a/pentesting-web/proxy-waf-protections-bypass.md +++ b/pentesting-web/proxy-waf-protections-bypass.md @@ -235,3 +235,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/race-condition.md b/pentesting-web/race-condition.md index 234aa35c496..37574d9478b 100644 --- a/pentesting-web/race-condition.md +++ b/pentesting-web/race-condition.md @@ -438,3 +438,4 @@ Use [**Trickest**](https://trickest.com/?utm\_source=hacktricks\&utm\_medium=tex Get Access Today: {% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=race-condition" %} + diff --git a/pentesting-web/rate-limit-bypass.md b/pentesting-web/rate-limit-bypass.md index 594f50ec859..d6ea986c15e 100644 --- a/pentesting-web/rate-limit-bypass.md +++ b/pentesting-web/rate-limit-bypass.md @@ -97,3 +97,4 @@ Use [**Trickest**](https://trickest.com/?utm_source=hacktricks\&utm_medium=text\ Get Access Today: {% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=rate-limit-bypass" %} + diff --git a/pentesting-web/registration-vulnerabilities.md b/pentesting-web/registration-vulnerabilities.md index f2f3286efbe..456e4143e10 100644 --- a/pentesting-web/registration-vulnerabilities.md +++ b/pentesting-web/registration-vulnerabilities.md @@ -208,3 +208,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/regular-expression-denial-of-service-redos.md b/pentesting-web/regular-expression-denial-of-service-redos.md index f8ac0b77bc8..a79175fb0da 100644 --- a/pentesting-web/regular-expression-denial-of-service-redos.md +++ b/pentesting-web/regular-expression-denial-of-service-redos.md @@ -107,3 +107,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/reset-password.md b/pentesting-web/reset-password.md index 5d67c7f7c7d..ee4bdf8b03d 100644 --- a/pentesting-web/reset-password.md +++ b/pentesting-web/reset-password.md @@ -243,3 +243,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/reverse-tab-nabbing.md b/pentesting-web/reverse-tab-nabbing.md index e1de8a70f96..4b2ce4c4bce 100644 --- a/pentesting-web/reverse-tab-nabbing.md +++ b/pentesting-web/reverse-tab-nabbing.md @@ -121,3 +121,4 @@ Learn & practice GCP Hacking: -{% endhint %} \ No newline at end of file +{% endhint %} diff --git a/pentesting-web/timing-attacks.md b/pentesting-web/timing-attacks.md index c13964b414b..56bbfee98d5 100644 --- a/pentesting-web/timing-attacks.md +++ b/pentesting-web/timing-attacks.md @@ -64,3 +64,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/uuid-insecurities.md b/pentesting-web/uuid-insecurities.md index 5ef87783dfa..362287dfa73 100644 --- a/pentesting-web/uuid-insecurities.md +++ b/pentesting-web/uuid-insecurities.md @@ -90,3 +90,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/web-tool-wfuzz.md b/pentesting-web/web-tool-wfuzz.md index 7e860b0b99e..37d815d20a3 100644 --- a/pentesting-web/web-tool-wfuzz.md +++ b/pentesting-web/web-tool-wfuzz.md @@ -180,3 +180,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/web-vulnerabilities-methodology.md b/pentesting-web/web-vulnerabilities-methodology.md index 9289a3aaaa1..68b0dbfd81f 100644 --- a/pentesting-web/web-vulnerabilities-methodology.md +++ b/pentesting-web/web-vulnerabilities-methodology.md @@ -174,3 +174,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/websocket-attacks.md b/pentesting-web/websocket-attacks.md index 8285c0c1a54..c3487d71481 100644 --- a/pentesting-web/websocket-attacks.md +++ b/pentesting-web/websocket-attacks.md @@ -200,3 +200,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/xpath-injection.md b/pentesting-web/xpath-injection.md index 10c7bc752c0..cf6bcfa725f 100644 --- a/pentesting-web/xpath-injection.md +++ b/pentesting-web/xpath-injection.md @@ -347,3 +347,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/xs-search.md b/pentesting-web/xs-search.md index c864b888947..1a15d37fe4f 100644 --- a/pentesting-web/xs-search.md +++ b/pentesting-web/xs-search.md @@ -979,3 +979,4 @@ Use [**Trickest**](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=ba Get Access Today: {% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %} + diff --git a/pentesting-web/xslt-server-side-injection-extensible-stylesheet-language-transformations.md b/pentesting-web/xslt-server-side-injection-extensible-stylesheet-language-transformations.md index 7d9b564687a..484684ac298 100644 --- a/pentesting-web/xslt-server-side-injection-extensible-stylesheet-language-transformations.md +++ b/pentesting-web/xslt-server-side-injection-extensible-stylesheet-language-transformations.md @@ -460,3 +460,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/xssi-cross-site-script-inclusion.md b/pentesting-web/xssi-cross-site-script-inclusion.md index b86a224e383..5ec3f38d421 100644 --- a/pentesting-web/xssi-cross-site-script-inclusion.md +++ b/pentesting-web/xssi-cross-site-script-inclusion.md @@ -105,3 +105,4 @@ Learn & practice GCP Hacking: {% endhint %} + diff --git a/pentesting-web/xxe-xee-xml-external-entity.md b/pentesting-web/xxe-xee-xml-external-entity.md index 8cf4c6b1ca5..15bb6815626 100644 --- a/pentesting-web/xxe-xee-xml-external-entity.md +++ b/pentesting-web/xxe-xee-xml-external-entity.md @@ -809,3 +809,4 @@ Learn & practice GCP Hacking: {% endhint %} +