Authentication - PortSwigger
Table of Contents Username enumeration via different responses 2FA simple bypass Password reset broken logic Username enumeration via subtly different responses Username enumeration via...
Table of Contents Basic SSRF against the local server Basic SSRF against another back-end system SSRF with blacklist-based input filter SSRF with filter bypass via open redirection vulner...
Table of Contents Remote code execution via web shell upload Web shell upload via Content-Type restriction bypass Web shell upload via path traversal Web shell upload via extension blackl...
Table of Contents OS command injection, simple case Blind OS command injection with time delays Blind OS command injection with output redirection Blind OS command injection with out-of-b...
Table of Contents CORS vulnerability with basic origin reflection CORS vulnerability with trusted null origin CORS vulnerability with trusted insecure protocols CORS vulnerability wit...
Reflected XSS into HTML context with nothing encoded. Goal: perform a cross-site scripting attack that calls the alert function. Just try the basic XSS payload <script>alert(1)</s...