maride/hacktricks
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks.git synced 2025-10-10 18:36:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add content from: Research Update: Enhanced src/pentesting-web/web-vulnerabili...

Browse Source
This commit is contained in:
HackTricks News Bot 2025-07-21 16:28:13 +00:00
parent 81c7593767
commit a94ce50af1
1 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/pentesting-web/web-vulnerabilities-methodology.md
View File

@ -101,6 +101,8 @@ Some **specific functionalities** may be also vulnerable if a **specific format
- [ ] [**Email Header Injection**](email-injections.md)
- [ ] [**JWT Vulnerabilities**](hacking-jwt-json-web-tokens.md)
- [ ] [**XML External Entity**](xxe-xee-xml-external-entity.md)
- [ ] [**GraphQL Attacks**](../network-services-pentesting/pentesting-web/graphql.md)
- [ ] [**gRPC-Web Attacks**](grpc-web-pentest.md)
### Files
@ -128,7 +130,10 @@ These vulnerabilities might help to exploit other vulnerabilities.
- [ ] [**Unicode Normalization vulnerability**](unicode-injection/index.html)
## References
* [GraphQL vulnerabilities and common attacks seen in the wild (Security Boulevard, 2024)](https://securityboulevard.com/2024/08/graphql-vulnerabilities-and-common-attacks-seen-in-the-wild/)
* [gRPC-Go HTTP/2 Rapid Reset advisory (GitHub Security Advisory, 2023)](https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g)
{{#include ../banners/hacktricks-training.md}}