Notice: This document will be continuously updated.
Cross Site Scripting (XSS)
- TBA
Server-side Template Injection (SSTI)
- TBA
SQL Injection
- TBA
JavaScript
Regex
- TBA
Encoding
- TBA
Prototype Pollution
- TBA
DOM
- TBA
NodeJS
- TBA
Deno
- TBA
Electron
- TBA
Python
- TBA
PHP
- TBA
References
- https://po6ix.github.io/Web-Security-CheatSheet/
- https://github.com/strellic/my-ctf-challenges
- https://github.com/splitline/How-to-Hack-Websites
- https://github.com/w181496/Web-CTF-Cheatsheet
- https://xsleaks.dev/
- https://github.com/terjanq/JS-Alpha
- https://book.hacktricks.xyz/pentesting-web/xss-cross-site-scripting/other-js-tricks
- https://book.hacktricks.xyz/pentesting-web/xss-cross-site-scripting
- https://book.hacktricks.xyz/pentesting-web/ssti-server-side-template-injection
- https://hackmd.io/@cjiso/javascript#Javascript