# Web Vulnerabilities Methodology

{{#include ../banners/hacktricks-training.md}}

In every Web Pentest, there are **several hidden and obvious places that might be vulnerable**. This page is meant to be a checklist to confirm that you have searched for vulnerabilities in all the possible places.

## Proxies

> [!TIP]
> Nowadays **web applications** usually **use** some kind of **intermediary proxies**, which may be (ab)used to exploit vulnerabilities. These vulnerabilities need a vulnerable proxy to be in place, but they usually also need some extra vulnerability in the backend.

- [ ] [**Abusing hop-by-hop headers**](abusing-hop-by-hop-headers.md)
- [ ] [**Cache Poisoning/Cache Deception**](cache-deception/index.html)
- [ ] [**HTTP Request Smuggling**](http-request-smuggling/)
- [ ] [**H2C Smuggling**](h2c-smuggling.md)
- [ ] [**Server Side Inclusion/Edge Side Inclusion**](server-side-inclusion-edge-side-inclusion-injection.md)
- [ ] [**Uncovering Cloudflare**](../network-services-pentesting/pentesting-web/uncovering-cloudflare.md)
- [ ] [**XSLT Server Side Injection**](xslt-server-side-injection-extensible-stylesheet-language-transformations.md)
- [ ] [**Proxy / WAF Protections Bypass**](proxy-waf-protections-bypass.md)

## **User input**

> [!TIP]
> Most web applications will **allow users to input some data that will be processed later.**\
> Depending on the structure of the data the server is expecting, some vulnerabilities may or may not apply.

### **Reflected Values**

If the introduced data may somehow be reflected in the response, the page might be vulnerable to several issues.

- [ ] [**Client Side Template Injection**](client-side-template-injection-csti.md)
- [ ] [**Command Injection**](command-injection.md)
- [ ] [**CRLF**](crlf-0d-0a.md)
- [ ] [**Dangling Markup**](dangling-markup-html-scriptless-injection/index.html)
- [ ] [**File Inclusion/Path Traversal**](file-inclusion/index.html)
- [ ] [**Open Redirect**](open-redirect.md)
- [ ] [**Prototype Pollution to XSS**](deserialization/nodejs-proto-prototype-pollution/index.html#client-side-prototype-pollution-to-xss)
- [ ] [**Server Side Inclusion/Edge Side Inclusion**](server-side-inclusion-edge-side-inclusion-injection.md)
- [ ] [**Server Side Request Forgery**](ssrf-server-side-request-forgery/index.html)
- [ ] [**Server Side Template Injection**](ssti-server-side-template-injection/index.html)
- [ ] [**Reverse Tab Nabbing**](reverse-tab-nabbing.md)
- [ ] [**XSLT Server Side Injection**](xslt-server-side-injection-extensible-stylesheet-language-transformations.md)
- [ ] [**XSS**](xss-cross-site-scripting/index.html)
- [ ] [**XSSI**](xssi-cross-site-script-inclusion.md)
- [ ] [**XS-Search**](xs-search/index.html)

Some of the mentioned vulnerabilities require special conditions, others just require the content to be reflected. You can find some interesting polyglots to quickly test the vulnerabilities in:

{{#ref}}
pocs-and-polygloths-cheatsheet/
{{#endref}}

### **Search functionalities**

If the functionality may be used to search some kind of data inside the backend, maybe you can (ab)use it to search arbitrary data.

- [ ] [**File Inclusion/Path Traversal**](file-inclusion/index.html)
- [ ] [**NoSQL Injection**](nosql-injection.md)
- [ ] [**LDAP Injection**](ldap-injection.md)
- [ ] [**ReDoS**](regular-expression-denial-of-service-redos.md)
- [ ] [**SQL Injection**](sql-injection/index.html)
- [ ] [**XPATH Injection**](xpath-injection.md)

### **Forms, WebSockets and PostMsgs**

When a websocket posts a message or a form allows users to perform actions, vulnerabilities may arise.

- [ ] [**Cross Site Request Forgery**](csrf-cross-site-request-forgery.md)
- [ ] [**Cross-site WebSocket hijacking (CSWSH)**](websocket-attacks.md)
- [ ] [**PostMessage Vulnerabilities**](postmessage-vulnerabilities/index.html)

### **HTTP Headers**

Depending on the HTTP headers given by the web server, some vulnerabilities might be present.

- [ ] [**Clickjacking**](clickjacking.md)
- [ ] [**Content Security Policy bypass**](content-security-policy-csp-bypass/index.html)
- [ ] [**Cookies Hacking**](hacking-with-cookies/index.html)
- [ ] [**CORS - Misconfigurations & Bypass**](cors-bypass.md)

### **Bypasses**

There are several specific functionalities where some workarounds might be useful to bypass them.

- [ ] [**2FA/OTP Bypass**](2fa-bypass.md)
- [ ] [**Bypass Payment Process**](bypass-payment-process.md)
- [ ] [**Captcha Bypass**](captcha-bypass.md)
- [ ] [**Login Bypass**](login-bypass/index.html)
- [ ] [**Race Condition**](race-condition.md)
- [ ] [**Rate Limit Bypass**](rate-limit-bypass.md)
- [ ] [**Reset Forgotten Password Bypass**](reset-password.md)
- [ ] [**Registration Vulnerabilities**](registration-vulnerabilities.md)

### **Structured objects / Specific functionalities**

Some functionalities will require the **data to be structured in a very specific format** (like a serialized object or XML). Therefore, it is easier to identify whether the application might be vulnerable, as it needs to be processing that kind of data.\
Some **specific functionalities** may also be vulnerable if a **specific format of the input is used** (like Email Header Injections).

- [ ] [**Deserialization**](deserialization/index.html)
- [ ] [**Email Header Injection**](email-injections.md)
- [ ] [**JWT Vulnerabilities**](hacking-jwt-json-web-tokens.md)
- [ ] [**XML External Entity**](xxe-xee-xml-external-entity.md)
- [ ] [**GraphQL Attacks**](../network-services-pentesting/pentesting-web/graphql.md)
- [ ] [**gRPC-Web Attacks**](grpc-web-pentest.md)

### Files

Functionalities that allow uploading files might be vulnerable to several issues.\
Functionalities that generate files including user input might execute unexpected code.\
Users that open files uploaded by users or automatically generated including user input might be compromised.

- [ ] [**File Upload**](file-upload/index.html)
- [ ] [**Formula Injection**](formula-csv-doc-latex-ghostscript-injection.md)
- [ ] [**PDF Injection**](xss-cross-site-scripting/pdf-injection.md)
- [ ] [**Server Side XSS**](xss-cross-site-scripting/server-side-xss-dynamic-pdf.md)

### **External Identity Management**

- [ ] [**OAUTH to Account takeover**](oauth-to-account-takeover.md)
- [ ] [**SAML Attacks**](saml-attacks/index.html)

### **Other Helpful Vulnerabilities**

These vulnerabilities might help to exploit other vulnerabilities.

- [ ] [**Domain/Subdomain takeover**](domain-subdomain-takeover.md)
- [ ] [**IDOR**](idor.md)
- [ ] [**Parameter Pollution**](parameter-pollution.md)
- [ ] [**Unicode Normalization vulnerability**](unicode-injection/index.html)