add articles

Boik 2020-07-29 20:30:38 +08:00
parent c844df87c3
commit fc02dcab8c
3 changed files with 16 additions and 1 deletions

View File

@ -53,6 +53,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [DNS Rebinding](#dns-rebinding)
- [Deserialization](#deserialization)
- [OAuth](#oauth)
- [JWT](#jwt)
- [Evasions](#evasions)
- [XXE](#evasions-xxe)
- [CSP](#evasions-csp)
@ -125,6 +126,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [The Magic of Learning](https://bitvijays.github.io/) - Written by [@bitvijays](https://bitvijays.github.io/aboutme.html).
- [CTF Field Guide](https://trailofbits.github.io/ctf/) - Written by [Trail of Bits](https://www.trailofbits.com/).
- [PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings/) - Written by [@swisskyrepo](https://github.com/swisskyrepo).
- [tl;dr sec](https://tldrsec.com/) - Weekly summary of top security tools, blog posts, and security research.
## Forums
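Review bot: The tl;dr sec entry in this hunk carries only a description ("Weekly summary of top security tools, blog posts, and security research.") and no "Written by [...]" attribution, unlike the entries next to it (CTF Field Guide, PayloadsAllTheThings). Suggest adding the attribution in the same form as the neighbouring lines, or confirming that description-only entries are accepted in this list. The same applies to the identical entry in the second file.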
@ -352,6 +354,11 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [Introduction to OAuth 2.0 and OpenID Connect](https://pragmaticwebsecurity.com/courses/introduction-oauth-oidc.html) - Written by [@PhilippeDeRyck](https://twitter.com/PhilippeDeRyck).
- [What is going on with OAuth 2.0? And why you should not use it for authentication.](https://medium.com/securing/what-is-going-on-with-oauth-2-0-and-why-you-should-not-use-it-for-authentication-5f47597b2611) - Written by [@damianrusinek](https://medium.com/@damianrusinek).
<a name="jwt"></a>
### JWT
- [Hardcoded secrets, unverified tokens, and other common JWT mistakes](https://r2c.dev/blog/2020/hardcoded-secrets-unverified-tokens-and-other-common-jwt-mistakes/) - Written by [@ermil0v](https://twitter.com/ermil0v).
## Evasions
<a name="evasions-xxe"></a>
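Review bot: Missing documentation: this hunk introduces a new `### JWT` section with its own `<a name="jwt"></a>` anchor (and the first hunk adds the matching `#jwt` table-of-contents link), but the commit message only says "add articles". Suggest mentioning the new section in the message so the structural change is discoverable from the history. The anchor name and the TOC fragment do match, so the link itself resolves.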

View File

@ -53,6 +53,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [DNS Rebinding](#dns-rebinding)
- [Deserialization](#deserialization)
- [OAuth](#oauth)
- [JWT](#jwt)
- [Evasions](#evasions)
- [XXE](#evasions-xxe)
- [CSP](#evasions-csp)
@ -129,6 +130,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [CTF Field Guide](https://trailofbits.github.io/ctf/) - Written by [Trail of Bits](https://www.trailofbits.com/).
- [Got Your PW](https://gotyour.pw/) - Written by [@s3131212](https://github.com/s3131212).
- [PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings/) - Written by [@swisskyrepo](https://github.com/swisskyrepo).
- [tl;dr sec](https://tldrsec.com/) - Weekly summary of top security tools, blog posts, and security research.
## Forums
@ -375,6 +377,11 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [What is going on with OAuth 2.0? And why you should not use it for authentication.](https://medium.com/securing/what-is-going-on-with-oauth-2-0-and-why-you-should-not-use-it-for-authentication-5f47597b2611) - Written by [@damianrusinek](https://medium.com/@damianrusinek).
- [關於OAuth 2.0-以Facebook為例](https://medium.com/@justinlee_78563/%E9%97%9C%E6%96%BCoauth-2-0-%E4%BB%A5facebook%E7%82%BA%E4%BE%8B-6f78a4a55f52) - Written by [@justinlee_78563](https://medium.com/@justinlee_78563).
<a name="jwt"></a>
### JWT
- [Hardcoded secrets, unverified tokens, and other common JWT mistakes](https://r2c.dev/blog/2020/hardcoded-secrets-unverified-tokens-and-other-common-jwt-mistakes/) - Written by [@ermil0v](https://twitter.com/ermil0v).
## Evasions
<a name="evasions-xxe"></a>

View File

@ -53,7 +53,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [DNS Rebinding](#dns-rebinding)
- [Deserialization](#deserialization)
- [OAuth](#oauth)
- [JWT](#jwt)
- [JWT](#jwt)
- [Evasions](#evasions)
- [XXE](#evasions-xxe)
- [CSP](#evasions-csp)
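Review bot: The header `-53,7 +53,7` records one line replaced by one line, and the only candidate pair visible here is the two `- [JWT](#jwt)` lines, which render identically. That points to a whitespace-only change, most likely list indentation. Please confirm the new indentation nests JWT at the same level as the `- [OAuth](#oauth)` entry above it, since a wrong indent changes the nesting in the rendered table of contents.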
@ -353,6 +353,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
<a name="jwt"></a>
### JWT
- [Hardcoded secrets, unverified tokens, and other common JWT mistakes](https://r2c.dev/blog/2020/hardcoded-secrets-unverified-tokens-and-other-common-jwt-mistakes/) - Written by [@ermil0v](https://twitter.com/ermil0v).
## Evasions