Awesome-Mirrors/awesome-web-security
1
0
Fork 0
mirror of https://github.com/qazbnm456/awesome-web-security.git synced 2024-06-29 12:12:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
Boik 2019-11-05 23:24:25 +08:00
parent ca3feb1a9a
commit 2987f4da90
3 changed files with 24 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
README-jp.md
View File

@ -52,6 +52,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [Books](#books)
- [DNS Rebinding](#dns-rebinding)
- [Evasions](#evasions)
- [XXE](#evasions-xxe)
- [CSP](#evasions-csp)
- [WAF](#evasions-waf)
- [JSMVC](#evasions-jsmvc)
@ -328,6 +329,11 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
## Evasions
<a name="evasions-xxe"></a>
### XXE
- [Bypass Fix of OOB XXE Using Different encoding](https://twitter.com/SpiderSec/status/1191375472690528256) - Written by [@SpiderSec](https://twitter.com/SpiderSec).
<a name="evasions-csp"></a>
### CSP
@ -407,7 +413,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
<a name="tricks-sql-injection"></a>
### SQL Injection
- [MySQL Error Based SQL Injection Using EXP](https://www.exploit-db.com/docs/english/37953-mysql-error-based-sql-injection-using-exp.pdf) - Written by [@osandamalith](https://twitter.com/osandamalith).
- [MySQL Error Based SQL Injection Using EXP](https://www.exploit-db.com/docs/english/37953-mysql-error-based-sql-injection-using-exp.pdf) - Written by [@osandamalith](https://twitter.com/osandamalith).
- [SQL injection in an UPDATE query - a bug bounty story!](http://zombiehelp54.blogspot.jp/2017/02/sql-injection-in-update-query-bug.html) - Written by [Zombiehelp54](http://zombiehelp54.blogspot.jp/).
- [GitHub Enterprise SQL Injection](http://blog.orange.tw/2017/01/bug-bounty-github-enterprise-sql-injection.html) - Written by [Orange](http://blog.orange.tw/).
- [Making a Blind SQL Injection a little less blind](https://medium.com/@tomnomnom/making-a-blind-sql-injection-a-little-less-blind-428dcb614ba8) - Written by [TomNomNom](https://twitter.com/TomNomNom).
@ -715,6 +721,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [Dnslogger](https://wiki.skullsecurity.org/index.php?title=Dnslogger) - DNS Logger by [@iagox86](https://github.com/iagox86).
- [CyberChef](https://github.com/gchq/CyberChef) - The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis - by [@GCHQ](https://github.com/gchq).
- [ntlm_challenger](https://github.com/b17zr/ntlm_challenger) - Parse NTLM over HTTP challenge messages by [@b17zr](https://github.com/b17zr).
## Social Engineering Database

9
README-zh.md
View File

@ -52,6 +52,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [Books](#books)
- [DNS Rebinding](#dns-rebinding)
- [Evasions](#evasions)
- [XXE](#evasions-xxe)
- [CSP](#evasions-csp)
- [WAF](#evasions-waf)
- [JSMVC](#evasions-jsmvc)
@ -354,6 +355,11 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
## Evasions
<a name="evasions-xxe"></a>
### XXE
- [Bypass Fix of OOB XXE Using Different encoding](https://twitter.com/SpiderSec/status/1191375472690528256) - Written by [@SpiderSec](https://twitter.com/SpiderSec).
<a name="evasions-csp"></a>
### CSP
@ -440,7 +446,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [屌智硬之mysql不用逗号注入](http://www.jinglingshu.org/?p=2220) - Written by [jinglingshu](http://www.jinglingshu.org/?p=2220).
- [见招拆招绕过WAF继续SQL注入常用方法](http://www.freebuf.com/articles/web/36683.html) - Written by [mikey](http://www.freebuf.com/author/mikey).
- [MySQL Error Based SQL Injection Using EXP](https://www.exploit-db.com/docs/english/37953-mysql-error-based-sql-injection-using-exp.pdf) - Written by [@osandamalith](https://twitter.com/osandamalith).
- [MySQL Error Based SQL Injection Using EXP](https://www.exploit-db.com/docs/english/37953-mysql-error-based-sql-injection-using-exp.pdf) - Written by [@osandamalith](https://twitter.com/osandamalith).
- [SQL injection in an UPDATE query - a bug bounty story!](http://zombiehelp54.blogspot.jp/2017/02/sql-injection-in-update-query-bug.html) - Written by [Zombiehelp54](http://zombiehelp54.blogspot.jp/).
- [GitHub Enterprise SQL Injection](http://blog.orange.tw/2017/01/bug-bounty-github-enterprise-sql-injection.html) - Written by [Orange](http://blog.orange.tw/).
- [Making a Blind SQL Injection a little less blind](https://medium.com/@tomnomnom/making-a-blind-sql-injection-a-little-less-blind-428dcb614ba8) - Written by [TomNomNom](https://twitter.com/TomNomNom).
@ -759,6 +765,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [Dnslogger](https://wiki.skullsecurity.org/index.php?title=Dnslogger) - DNS Logger by [@iagox86](https://github.com/iagox86).
- [CyberChef](https://github.com/gchq/CyberChef) - The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis - by [@GCHQ](https://github.com/gchq).
- [ntlm_challenger](https://github.com/b17zr/ntlm_challenger) - Parse NTLM over HTTP challenge messages by [@b17zr](https://github.com/b17zr).
## Social Engineering Database

9
README.md
View File

@ -52,6 +52,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [Books](#books)
- [DNS Rebinding](#dns-rebinding)
- [Evasions](#evasions)
- [XXE](#evasions-xxe)
- [CSP](#evasions-csp)
- [WAF](#evasions-waf)
- [JSMVC](#evasions-jsmvc)
@ -325,6 +326,11 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
## Evasions
<a name="evasions-xxe"></a>
### XXE
- [Bypass Fix of OOB XXE Using Different encoding](https://twitter.com/SpiderSec/status/1191375472690528256) - Written by [@SpiderSec](https://twitter.com/SpiderSec).
<a name="evasions-csp"></a>
### CSP
@ -403,7 +409,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
<a name="tricks-sql-injection"></a>
### SQL Injection
- [MySQL Error Based SQL Injection Using EXP](https://www.exploit-db.com/docs/english/37953-mysql-error-based-sql-injection-using-exp.pdf) - Written by [@osandamalith](https://twitter.com/osandamalith).
- [MySQL Error Based SQL Injection Using EXP](https://www.exploit-db.com/docs/english/37953-mysql-error-based-sql-injection-using-exp.pdf) - Written by [@osandamalith](https://twitter.com/osandamalith).
- [SQL injection in an UPDATE query - a bug bounty story!](http://zombiehelp54.blogspot.jp/2017/02/sql-injection-in-update-query-bug.html) - Written by [Zombiehelp54](http://zombiehelp54.blogspot.jp/).
- [GitHub Enterprise SQL Injection](http://blog.orange.tw/2017/01/bug-bounty-github-enterprise-sql-injection.html) - Written by [Orange](http://blog.orange.tw/).
- [Making a Blind SQL Injection a little less blind](https://medium.com/@tomnomnom/making-a-blind-sql-injection-a-little-less-blind-428dcb614ba8) - Written by [TomNomNom](https://twitter.com/TomNomNom).
@ -710,6 +716,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [Dnslogger](https://wiki.skullsecurity.org/index.php?title=Dnslogger) - DNS Logger by [@iagox86](https://github.com/iagox86).
- [CyberChef](https://github.com/gchq/CyberChef) - The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis - by [@GCHQ](https://github.com/gchq).
- [ntlm_challenger](https://github.com/b17zr/ntlm_challenger) - Parse NTLM over HTTP challenge messages by [@b17zr](https://github.com/b17zr).
## Social Engineering Database