https://book.hacktricks.xyz/pentesting-web/csrf-cross-site-request-forgery
CSRF (Cross Site Request Forgery) - HackTricks
Steal CSRF Token and send a Post request using an iframe, a form and Ajax
book.hacktricks.xyz
| wordpress 대표적인 취약점 정리 (0) | 2022.04.29 |
|---|---|
| Wordpress 정리 (0) | 2022.04.29 |
| graphql insql (0) | 2022.04.23 |
| xinha 에디터 추가 (0) | 2022.04.20 |
| aspx 웹쉘 참고 (0) | 2022.04.19 |
wtdsoul
https://github.com/doyensec/inql
GitHub - doyensec/inql: InQL - A Burp Extension for GraphQL Security Testing
InQL - A Burp Extension for GraphQL Security Testing - GitHub - doyensec/inql: InQL - A Burp Extension for GraphQL Security Testing
github.com
https://blog.assetnote.io/2021/08/29/exploiting-graphql/
Exploiting GraphQL
Application security issues found by Assetnote
blog.assetnote.io
https://www.jython.org/download
Downloads
The Python runtime on the JVM
www.jython.org
https://book.hacktricks.xyz/pentesting/pentesting-web/graphql
GraphQL - HackTricks
If you can search by a string type, like: query={theusers(description: ""){username,password}} and you search for an empty string it will dump all data. (Note this example isn't related with the example of the tutorials, for this example suppose you can se
book.hacktricks.xyz
| Wordpress 정리 (0) | 2022.04.29 |
|---|---|
| CSRF 참고 hacktricks (0) | 2022.04.23 |
| xinha 에디터 추가 (0) | 2022.04.20 |
| aspx 웹쉘 참고 (0) | 2022.04.19 |
| HTTP Request Smuggling (0) | 2022.04.09 |
wtdsoul
