Awesome-Mirrors/awesome-web-security
1
0
Fork 0
mirror of https://github.com/qazbnm456/awesome-web-security.git synced 2024-10-01 03:15:46 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #67 from ievans/patch-1

Browse Source
This commit is contained in:
Boik 2020-07-29 11:50:14 +08:00 committed by GitHub
commit c844df87c3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@ -53,6 +53,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [DNS Rebinding](#dns-rebinding)
- [Deserialization](#deserialization)
- [OAuth](#oauth)
- [JWT](#jwt)
- [Evasions](#evasions)
- [XXE](#evasions-xxe)
- [CSP](#evasions-csp)
@ -350,6 +351,10 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [Introduction to OAuth 2.0 and OpenID Connect](https://pragmaticwebsecurity.com/courses/introduction-oauth-oidc.html) - Written by [@PhilippeDeRyck](https://twitter.com/PhilippeDeRyck).
- [What is going on with OAuth 2.0? And why you should not use it for authentication.](https://medium.com/securing/what-is-going-on-with-oauth-2-0-and-why-you-should-not-use-it-for-authentication-5f47597b2611) - Written by [@damianrusinek](https://medium.com/@damianrusinek).
<a name="jwt"></a>
### JWT
- [Hardcoded secrets, unverified tokens, and other common JWT mistakes](https://r2c.dev/blog/2020/hardcoded-secrets-unverified-tokens-and-other-common-jwt-mistakes/) - Written by [@ermil0v](https://twitter.com/ermil0v).
## Evasions
<a name="evasions-xxe"></a>