Update open-redirect.md

This commit is contained in:
SirBroccoli 2025-10-01 11:23:52 +02:00 committed by GitHub
parent f3e6eea33a
commit 57903e3606
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -277,15 +277,13 @@ git clone https://github.com/devanshbatham/OpenRedireX && cd OpenRedireX && ./se
cat list_of_urls.txt | ./openredirex.py -p payloads.txt -k FUZZ -c 50
```
## Resources
## References
- In https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Open%20Redirect you can find fuzzing lists.
- [https://pentester.land/cheatsheets/2018/11/02/open-redirect-cheatsheet.html](https://pentester.land/cheatsheets/2018/11/02/open-redirect-cheatsheet.html)
- [https://github.com/cujanovic/Open-Redirect-Payloads](https://github.com/cujanovic/Open-Redirect-Payloads)
- [https://infosecwriteups.com/open-redirects-bypassing-csrf-validations-simplified-4215dc4f180a](https://infosecwriteups.com/open-redirects-bypassing-csrf-validations-simplified-4215dc4f180a)
## References
- PortSwigger Web Security Academy DOM-based open redirection: https://portswigger.net/web-security/dom-based/open-redirection
- OpenRedireX A fuzzer for detecting open redirect vulnerabilities: https://github.com/devanshbatham/OpenRedireX
{{#include ../banners/hacktricks-training.md}}