Notes
Search
Ctrl
K
Cancel
GitHub
Select theme
Dark
Light
Auto
Web Vulnerabilities
Cross-Site Scripting
XML External Entity
Broken Access Control
Broken Authentication
JWT attacks
Mass Assignment
NoSQL Injection
Open redirect
Path Traversal
Race Conditions
SQL Injection
SSRF
SSTI
WebSockets
API Vulnerabilities
Authentication
Broken Function Level Authorisation
Broken Object Level Authorisation
Excessive Data Exposure
Mass Assignment
SQL Injection
Server-Side Request Forgery
AI Hacking
Probing Prompts
Hacking Tools
FFUF
Hashcat
subfinder
Bug Bounty
Recon
PortSwigger
2FA simple bypass
Basic server-side template injection
Basic server-side template injection (code context)
Blind XXE with out-of-band interaction
Cross-site WebSocket hijacking
Detecting NoSQL injection
Exploiting NoSQL injection to extract data
Exploiting NoSQL operator injection to bypass authentication
Exploiting NoSQL operator injection to extract unknown fields
Limit overrun race conditions
Multi-endpoint race conditions
Password reset broken logic
Single-endpoint race conditions
Username enumeration via different responses
Username enumeration via subtly different responses
TryHackMe
NoSQL Injection
Rabbit Store
Server-side Template Injection
HackTheBox
Secret
Pentest
Methodology
Information Gathering
Discovering Hidden Parameters
API Hacking
Git
Notetaking template
Report Template
AWS
Programming
Flask
Git
Github Actions
OSWE Prep
OSWE Prep
GitHub
Select theme
Dark
Light
Auto
Secret
Recon
Section titled “Recon”
nmap
Section titled “nmap”
HTTP (80)
Section titled “HTTP (80)”
HTTP (3000)
Section titled “HTTP (3000)”
Source Analysis
Section titled “Source Analysis”
Shell as dasith
Section titled “Shell as dasith”
Forge JWT
Section titled “Forge JWT”
Command injection
Section titled “Command injection”
Shell as root
Section titled “Shell as root”
Enumeration
Section titled “Enumeration”
Exploit file Descriptors
Section titled “Exploit file Descriptors”
Exploit Crash Dump
Section titled “Exploit Crash Dump”
SSH
Section titled “SSH”
