Home

Tools

  • http://requestb.in/
  • https://adamcaudill.com/2016/09/15/testing-sweet32-yawast/
  • JS Tester
  •  

 

Headers

 

General

  • https://www.madboa.com/geek/openssl
  • https://developer.mozilla.org/en-US/docs/Glossary/Forbidden_header_name
  • https://vulners.com
  • TLS very good explanation: https://hpbn.co/transport-layer-security-tls/
  • https://www.mnot.net/cache_docs/
  • http://www.tecmint.com/ip-command-examples/
  • Security list for fun and profit

 

Lists

 

XSS

  • XSS Quick test:
  • Quick and dirty (OWASP)
    • '';!--"<XSS>=&{()}
  • Injection point is inbetween HTML tags like <title>INJECTION</title>:
    • '"()=<x>
  • Injection point is inside an HTML attribute like <input value=”INJECTION”>
    • '"(){}[];
  • Embedded javascript injection, <a href=”INJECTION”>, var=’INJECTION’
    • JaVAscRIPT:prompt(99)
  • POC:
  • Attribute injection: “><sVG/OnLoaD=prompt(9)>
  • Between tag injection: <sVG/OnLoaD=prompt(9)>

 

 

SQL Injection

 

CSP

 

iOS/Mobile

  • https://github.com/felixgr/secure-ios-app-dev
  • https://web.securityinnovation.com/hubfs/iOS%20Hacking%20Guide.pdf?
  •  

 

Backdoors

  • https://github.com/bartblaze/PHP-backdoors

 

SOLR

  • http://lucene.apache.org/core/4_5_0/queryparser/org/apache/lucene/queryparser/classic/package-summary.html?is-external=true#Escaping_Special_Characters
  • http://lucene.apache.org/core/2_9_4/queryparsersyntax.html#Escaping Special Characters
  • http://javahacker.com/abusing-the-solr-local-parameters-feature-localparams-injection/

 

Mac OS X

 

Blogs

  • https://www.reddit.com/r/netsec
  • https://nakedsecurity.sophos.com/
  • https://www.schneier.com/
  • http://krebsonsecurity.com/
  • http://www.darkreading.com/vulnerabilities---threats/10-cybersecurity-twitter-profiles-to-watch/d/d-id/1325031?

 

Social engineering

  • http://www.social-engineer.org

 

Information gathering

  • http://osintframework.com

 

Pivoting

  • https://artkond.com/2017/03/23/pivoting-guide/

My Company, 8901 Marmora Road,

Glasgow, D04 89GR

Tel: 123-456-7890

E-mail: mail@demolink.org