Skip to content

In this repository I'll host my research and methodologies for auditing vulnerabilities

Notifications You must be signed in to change notification settings

OlivierLaflamme/Auditing-Vulnerabilities

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Auditing-Vulnerabilities

In this repository I'll host my research and methodologies for auditing vulnerabilities. Some of these concepts are new to me and I just want to udnerstand them document them, and have a quick reference for these vectors. Perpetually in the works.
Some of my images are in chinese. I've got a few chinese VM's that I use so dont be shocked. And whatever text is in chinese you should understand / have seen similar interfaces to wit in your past. (我提供了的一些中文图片信息,因为我有少量虚拟机。你应该能够理解我提供的中文信息,并且你很可能已经通过别的渠道见过了。)


XXE

Talking about JAVA and PHP XXE. I'll be documenting what I've learned going over basic concepts, from their i'll document basic principle / methodology, its utilization how can be audited, and defense.
0x0 XXE Attack Methodes | The Quick and Dirty & Defense
0x1 Introduction
0x2 Restrictions to XML XXE
0x3 Summary of Use
0x4 Everything JAVA
0x5 Everything PHP
0x6 The 1 Python Thing

CSRF

Discuss what is CSRF and some techniques for how I bypass CSRF defenses.
0x0 CSRF Introduction
0x1 Bypassing WAF Defense
0x2 Defense
0x3 CSRF CTF

SSRF

Looking into SSRF what they are and how its vector works / affects. Generally, SSRF attacks target internal systems that are not accessible from the external network. Lets figure out how...
0x0 Understanding SSRF
0x1 SSRF Bypassing
0x2 SSRF Defense
0x3 SSRF Python Bypassing
0x4 SSRF in CTF's
0x5 SSRF MAP

HTTP Smuggling

Talking about HTTP-Smuggling and how it leverages the different ways that a particularly crafted HTTP message can be parsed and interpreted by different agents (browsers, web caches, application firewalls)...
0x0 HTTP-Smuggling
0x1 Preventing HTTP-Smuggling & Defense
0x2 HTTP-Smuggling CTF

CSP

Learning about CSP (Content Security Policy) why its used and how to bypass.
0x0 About CSP
0x1 Bypassing CSP
0x2 CSP Defense
0x3 CSP CTF

WAF

0x0 Bypassing WAF at HTTP protocl level

CORS

Cross-domain resource sharing (cors) can relax the browser's same-origin policy, allowing different websites and different servers to communicate through the browser. Exploring how this vector works and how to defend against it.

CRLF

TODO

Reading arbitrary files via directory traversal

TODO


References and Related Materials:

XXE References
CSP References
HTTP-Hijacking References
SSRF References
CSRF References
WAF References


TODO:

  1. Improve XXE PHP File it's kinda crappy as it stands.
  2. CSRF improuve.
  3. WAF section is somewhere in the ether.
  4. "Understanding SSRF" format isnt compliant with other documents - bad formatting
  5. SSRF Bypassing needs to add / fix php and python
  6. ADD WAF and CSRF Reference material and linkes i find smart and useful
  7. a lot of work and time needs to be invested in CSRF

About

In this repository I'll host my research and methodologies for auditing vulnerabilities

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages