b248115a58 | ||
---|---|---|
.gitignore | ||
CONTRIBUTING.md | ||
README.md |
README.md
Awesome Web Security
🐶 A curated list of Web Security materials and resources.
Please read the contribution guidelines before contributing.
🌈 Want to strengthen your penetration skills?
I would recommend to play some awesome-ctfs.
Check out my repos 🐾 or say hi on my Twitter.
Menu
Resource
SQL Injection
XML
- XML实体攻击 - 从内网探测到命令执行步步惊心, written by 张天琪.
Evasion
CSP
Trick
SQL Injection
- 屌智硬之mysql不用逗号注入, written by jinglingshu.
- 见招拆招:绕过WAF继续SQL注入常用方法, written by mikey.
Tool
Code Generating
- VWGen - Vulnerable Web applications Generator by @qazbnm456.
Fuzzing
Detecting
- sqlchop - [DEPRECATED] A novel SQL injection detection engine built on top of SQL tokenizing and syntax analysis by chaitin.
Blog
- Broken Browser - Fun with Browser Vulnerabilities.
Miscellaneous
License
To the extent possible under law, Sindre Sorhus has waived all copyright and related or neighboring rights to this work.