Web-Security

A repository to record my usual studies.

Some knowledge mainly learned from CTF, if you want to come to learn frontier technology, go around.

And Please ignore my poor English，Of course, for my own convenience, I may use Chinese in the specific file descriptions

Preface

In the blink of an eye, half of the sophomore year has also passed, here learning web security is also close to half a year, this half-year stumble also gained a lot, intend to create a new warehouse to record the future learning situation, and collect some good information

Y4tacker

Recorded on Dec 27, 2020

Programming Languages

Programming Languages
- Description:A branch for documenting security issues in programming languages,such as Java、Python、PHP、Nodejs、 and so on.

Middleware

Middleware
- Description:A branch for documenting middleware security issues

JWT

JsonWebToken
- Description:A branch for documenting some security issues about jwt.

SSRF

Server-Side Request Forgery
- Description:A branch for documenting some security issues about ssrf.

SSTI

Server-side template injection
- Description:A branch for documenting some security issues about ssti.

XXE

XML External Entity Injection Mini Notes
- Description:A branch for documenting some security issues about xxe.

SQLI

SQL Injection Mini Notes
- Description:A branch for documenting some security issues about sqli.

Penetration test

Penetration Testing Mini Notes
- Description: A branch for documenting penetration testing study materials

Blockchain

Blockchain Mini Notes
- Description: A branch for documenting blockchain study materials，though it is not belong to web application, but just for fun.

Bypass-disable-functions

Bypass-disable-functions
- Description:Bypass-disable-functions

Unserialize

Unserialize
- Description:A branch for documenting something about unserialize.

POC-Collect

Description:A branch for documenting something about useful poc or exp.

Shell

Description:A branch for documenting something about my study for writing shell.

AWD

Description:Something prepared for awd.

WP

Write-up for training
- Description: A branch for documenting my training
Personal questioning record
- Description: My own questions for the competition

Link Sharing

PayloadsAllTheThings
- Description:A list of useful payloads and bypasses for Web Application Security.
Generate string from regexp
- Description:Generating strings by regular expressions

Name		Name	Last commit message	Last commit date
Latest commit History 187 Commits
AWD		AWD
Blockchain		Blockchain
Bypass-disable-functions		Bypass-disable-functions
CommonlyUsedScripts		CommonlyUsedScripts
JWT		JWT
Middleware		Middleware
POC-Collect		POC-Collect
PenetrationTest		PenetrationTest
ProgrammingLanguages		ProgrammingLanguages
SHELL/php		SHELL/php
SQLI		SQLI
SSRF		SSRF
SSTI		SSTI
Unserialize		Unserialize
WP		WP
XXE		XXE
其他		其他
出题记录		出题记录
安全研究/PDO的ATTR_EMULATE_PREPARES属性带来的安全问题		安全研究/PDO的ATTR_EMULATE_PREPARES属性带来的安全问题
框架漏洞AndCMS审计		框架漏洞AndCMS审计
README.md		README.md

Y4tacker/Web-Security

Folders and files

Latest commit

History

Repository files navigation