├── README.md
├── clickjacking.md
├── cors.md
├── csrf.md
├── relative-path-overwrite.md
├── sqli.md
├── subdomain-takeover.md
└── xss.md


/README.md:
--------------------------------------------------------------------------------
  1 | The purpose of this repository is to provide resources that you could link in your PoC to explain the security team what the vulnerability is about but more important what are the potential dangers.
  2 | 
  3 | 
  4 | [Clickjacking](clickjacking.md)  
  5 | [CORS - Cross-origin resource sharing](cors.md)  
  6 | [CSRF - Cross-site request forgery](csrf.md)  
  7 | [Relative path overwrite / Path-relative style sheet import](relative-path-overwrite.md)  
  8 | [SQLI - SQL injection](sqli.md)  
  9 | [Subdomain takeover](subdomain-takeover.md)  
 10 | [XSS - Cross-site scriptting](xss.md)  
 11 | 
 12 | 
 13 | 
 14 | 
 15 | 
 16 | 
 17 | # TODO
 18 | 
 19 | ## Cookies
 20 | [SSL cookie without secure flag set](https://portswigger.net/knowledgebase/Issues/details/00500200_sslcookiewithoutsecureflagset)  
 21 | [Cookie scoped to parent domain](https://portswigger.net/knowledgebase/Issues/details/00500300_cookiescopedtoparentdomain)  
 22 | [Duplicate cookies set](https://portswigger.net/knowledgebase/Issues/details/00400a00_duplicatecookiesset)  
 23 | [Cookie without HttpOnly flag set](https://portswigger.net/knowledgebase/Issues/details/00500600_cookiewithouthttponlyflagset)  
 24 | [Cookie manipulation (DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00500b00_cookiemanipulationdombased)  
 25 | [Cookie manipulation (reflected DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00500b01_cookiemanipulationreflecteddombased)  
 26 | [Cookie manipulation (stored DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00500b02_cookiemanipulationstoreddombased)  
 27 | 
 28 | 
 29 | ## Headers manipulation
 30 | [HTTP response header injection aka CRLF](https://portswigger.net/knowledgebase/Issues/details/00200200_httpresponseheaderinjection)  
 31 | [Referer-dependent response](https://portswigger.net/knowledgebase/Issues/details/00400100_refererdependentresponse)  
 32 | [X-Forwarded-For dependent response](https://portswigger.net/knowledgebase/Issues/details/00400110_xforwardedfordependentresponse)  
 33 | [User agent-dependent response](https://portswigger.net/knowledgebase/Issues/details/00400120_useragentdependentresponse)  
 34 | 
 35 | 
 36 | [Ajax request header manipulation (DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00500c00_ajaxrequestheadermanipulationdombased)  
 37 | [Ajax request header manipulation (reflected DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00500c01_ajaxrequestheadermanipulationreflecteddombased)  
 38 | [Ajax request header manipulation (stored DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00500c02_ajaxrequestheadermanipulationstoreddombased)  
 39 | 
 40 | [Cacheable HTTPS response](https://portswigger.net/knowledgebase/Issues/details/00700100_cacheablehttpsresponse)  
 41 | [Multiple content types specified](https://portswigger.net/knowledgebase/Issues/details/00800100_multiplecontenttypesspecified)  
 42 | [Content type incorrectly stated](https://portswigger.net/knowledgebase/Issues/details/00800400_contenttypeincorrectlystated)  
 43 | [Content type is not specified](https://portswigger.net/knowledgebase/Issues/details/00800500_contenttypeisnotspecified)  
 44 | 
 45 | 
 46 | ## Code injection
 47 | [PHP code injection](https://portswigger.net/knowledgebase/Issues/details/00100c00_phpcodeinjection)  
 48 | [Serialized object in HTTP message](https://portswigger.net/knowledgebase/Issues/details/00400900_serializedobjectinhttpmessage)  
 49 | [Server-side JavaScript code injection](https://portswigger.net/knowledgebase/Issues/details/00100d00_serversidejavascriptcodeinjection)  
 50 | [Perl code injection](https://portswigger.net/knowledgebase/Issues/details/00100e00_perlcodeinjection)  
 51 | [Ruby code injection](https://portswigger.net/knowledgebase/Issues/details/00100f00_rubycodeinjection)  
 52 | [Python code injection](https://portswigger.net/knowledgebase/Issues/details/00100f10_pythoncodeinjection)  
 53 | [Expression Language injection](https://portswigger.net/knowledgebase/Issues/details/00100f20_expressionlanguageinjection)  
 54 | [Unidentified code injection](https://portswigger.net/knowledgebase/Issues/details/00101000_unidentifiedcodeinjection)  
 55 | [Server-side template injection](https://portswigger.net/knowledgebase/Issues/details/00101080_serversidetemplateinjection)  
 56 | [SSI injection](https://portswigger.net/knowledgebase/Issues/details/00101100_ssiinjection)  
 57 | [Client-side template injection](https://portswigger.net/knowledgebase/Issues/details/00200308_clientsidetemplateinjection)  
 58 | [JavaScript injection (DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200320_javascriptinjectiondombased)  
 59 | [JavaScript injection (reflected DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200321_javascriptinjectionreflecteddombased)  
 60 | [JavaScript injection (stored DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200322_javascriptinjectionstoreddombased)  
 61 | 
 62 | [Client-side JSON injection (DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200370_clientsidejsoninjectiondombased)  
 63 | [Client-side JSON injection (reflected DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200371_clientsidejsoninjectionreflecteddombased)  
 64 | [Client-side JSON injection (stored DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200372_clientsidejsoninjectionstoreddombased)  
 65 | 
 66 | 
 67 | ## XML manipulation
 68 | [XML injection](https://portswigger.net/knowledgebase/Issues/details/00100700_xmlinjection)  
 69 | [XML external entity injection](https://portswigger.net/knowledgebase/Issues/details/00100400_xmlexternalentityinjection)  
 70 | [XPath injection](https://portswigger.net/knowledgebase/Issues/details/00100600_xpathinjection)  
 71 | [Client-side XPath injection (DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200360_clientsidexpathinjectiondombased)  
 72 | [Client-side XPath injection (reflected DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200361_clientsidexpathinjectionreflecteddombased)  
 73 | [Client-side XPath injection (stored DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200362_clientsidexpathinjectionstoreddombased)  
 74 | [XML entity expansion](https://portswigger.net/knowledgebase/Issues/details/00400700_xmlentityexpansion)  
 75 | 
 76 | 
 77 | ## HTTP method
 78 | [HTTP PUT method is enabled](https://portswigger.net/knowledgebase/Issues/details/00100900_httpputmethodisenabled)  
 79 | [HTTP TRACE method is enabled](https://portswigger.net/knowledgebase/Issues/details/00500a00_httptracemethodisenabled)  
 80 | 
 81 | 
 82 | 
 83 | ## HTML5
 84 | [HTML5 web message manipulation (DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00500e00_html5webmessagemanipulationdombased)  
 85 | [HTML5 web message manipulation (reflected DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00500e01_html5webmessagemanipulationreflecteddombased)  
 86 | [HTML5 web message manipulation (stored DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00500e02_html5webmessagemanipulationstoreddombased)  
 87 | [HTML5 storage manipulation (DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00500f00_html5storagemanipulationdombased)  
 88 | [HTML5 storage manipulation (reflected DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00500f01_html5storagemanipulationreflecteddombased)  
 89 | [HTML5 storage manipulation (stored DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00500f02_html5storagemanipulationstoreddombased)  
 90 | 
 91 | 
 92 | ## Information exposure
 93 | 
 94 | [ASP.NET tracing enabled](https://portswigger.net/knowledgebase/Issues/details/00100280_aspnettracingenabled)  
 95 | [ASP.NET debugging enabled](https://portswigger.net/knowledgebase/Issues/details/00100800_aspnetdebuggingenabled)  
 96 | [ASP.NET ViewState without MAC enabled](https://portswigger.net/knowledgebase/Issues/details/00400600_aspnetviewstatewithoutmacenabled)  
 97 | [Email addresses disclosed](https://portswigger.net/knowledgebase/Issues/details/00600200_emailaddressesdisclosed)  
 98 | [Private IP addresses disclosed](https://portswigger.net/knowledgebase/Issues/details/00600300_privateipaddressesdisclosed)  
 99 | [Private key disclosed](https://portswigger.net/knowledgebase/Issues/details/00600550_privatekeydisclosed)  
100 | [Database connection string disclosed](https://portswigger.net/knowledgebase/Issues/details/00600080_databaseconnectionstringdisclosed)  
101 | [Source code disclosure](https://portswigger.net/knowledgebase/Issues/details/006000b0_sourcecodedisclosure)  
102 | [Directory listing](https://portswigger.net/knowledgebase/Issues/details/00600100_directorylisting)  
103 | 
104 | 
105 | ## File path manipulation
106 | [File path traversal](https://portswigger.net/knowledgebase/Issues/details/00100300_filepathtraversal)  
107 | [File path manipulation](https://portswigger.net/knowledgebase/Issues/details/00100b00_filepathmanipulation)  
108 | [Local file path manipulation (DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200350_localfilepathmanipulationdombased)  
109 | [Local file path manipulation (reflected DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200351_localfilepathmanipulationreflecteddombased)  
110 | [Local file path manipulation (stored DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200352_localfilepathmanipulationstoreddombased)  
111 | 
112 | 
113 | ## Password related
114 | [Cleartext submission of password](https://portswigger.net/knowledgebase/Issues/details/00300100_cleartextsubmissionofpassword)  
115 | [Password returned in later response](https://portswigger.net/knowledgebase/Issues/details/00400200_passwordreturnedinlaterresponse)  
116 | [Password submitted using GET method](https://portswigger.net/knowledgebase/Issues/details/00400300_passwordsubmittedusinggetmethod)  
117 | [Password returned in URL query string](https://portswigger.net/knowledgebase/Issues/details/00400400_passwordreturnedinurlquerystring)  
118 | [Password field with autocomplete enabled](https://portswigger.net/knowledgebase/Issues/details/00500800_passwordfieldwithautocompleteenabled)  
119 | [Password value set in cookie](https://portswigger.net/knowledgebase/Issues/details/00500900_passwordvaluesetincookie)  
120 | 
121 | 
122 | ## DDOS
123 | [Denial of service (DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00500d00_denialofservicedombased)  
124 | [Denial of service (reflected DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00500d01_denialofservicereflecteddombased)  
125 | [Denial of service (stored DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00500d02_denialofservicestoreddombased)  
126 | 
127 | 
128 | ## Others
129 | 
130 | [Out-of-band resource load (HTTP)](https://portswigger.net/knowledgebase/Issues/details/00100a00_outofbandresourceloadhttp)  
131 | [WebSocket hijacking (DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200340_websockethijackingdombased)  
132 | [WebSocket hijacking (reflected DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200341_websockethijackingreflecteddombased)  
133 | [WebSocket hijacking (stored DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200342_websockethijackingstoreddombased)  
134 | [LDAP injection](https://portswigger.net/knowledgebase/Issues/details/00100500_ldapinjection)  
135 | [SMTP header injection](https://portswigger.net/knowledgebase/Issues/details/00200800_smtpheaderinjection)  
136 | [Os command injection](https://portswigger.net/knowledgebase/Issues/details/00100100_oscommandinjection)  
137 | 
138 | [Flash cross-domain policy](https://portswigger.net/knowledgebase/Issues/details/00200400_flashcrossdomainpolicy)  
139 | [Silverlight cross-domain policy](https://portswigger.net/knowledgebase/Issues/details/00200500_silverlightcrossdomainpolicy)  
140 | 
141 | [External service interaction (DNS)](https://portswigger.net/knowledgebase/Issues/details/00300200_externalserviceinteractiondns)  
142 | [External service interaction (HTTP)](https://portswigger.net/knowledgebase/Issues/details/00300210_externalserviceinteractionhttp)  
143 | [External service interaction (SMTP)](https://portswigger.net/knowledgebase/Issues/details/00300220_externalserviceinteractionsmtp)  
144 | 
145 | [Cross-domain POST](https://portswigger.net/knowledgebase/Issues/details/00400500_crossdomainpost)  
146 | [Input returned in response (stored)](https://portswigger.net/knowledgebase/Issues/details/00400b00_inputreturnedinresponsestored)  
147 | [Input returned in response (reflected)](https://portswigger.net/knowledgebase/Issues/details/00400c00_inputreturnedinresponsereflected)  
148 | [Suspicious input transformation (reflected)](https://portswigger.net/knowledgebase/Issues/details/00400d00_suspiciousinputtransformationreflected)  
149 | [Suspicious input transformation (stored)](https://portswigger.net/knowledgebase/Issues/details/00400e00_suspiciousinputtransformationstored)  
150 | [Cross-domain Referer leakage](https://portswigger.net/knowledgebase/Issues/details/00500400_crossdomainrefererleakage)  
151 | [Cross-domain script include](https://portswigger.net/knowledgebase/Issues/details/00500500_crossdomainscriptinclude)  
152 | [Session token in URL](https://portswigger.net/knowledgebase/Issues/details/00500700_sessiontokeninurl)  
153 | 
154 | [File upload functionality](https://portswigger.net/knowledgebase/Issues/details/00500980_fileuploadfunctionality)  
155 | 
156 | [Long redirection response](https://portswigger.net/knowledgebase/Issues/details/00400800_longredirectionresponse)  
157 | [Open redirection](https://portswigger.net/knowledgebase/Issues/details/00500100_openredirection)  
158 | [Open redirection (DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00500110_openredirectiondombased)  
159 | [Open redirection (reflected DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00500111_openredirectionreflecteddombased)  
160 | [Open redirection (stored DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00500112_openredirectionstoreddombased)  
161 | 
162 | [Link manipulation (DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00501000_linkmanipulationdombased)  
163 | [Link manipulation (reflected DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00501001_linkmanipulationreflecteddombased)  
164 | [Link manipulation (stored DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00501002_linkmanipulationstoreddombased)  
165 | [Document domain manipulation (DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00501100_documentdomainmanipulationdombased)  
166 | [Document domain manipulation (reflected DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00501101_documentdomainmanipulationreflecteddombased)  
167 | [Document domain manipulation (stored DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00501102_documentdomainmanipulationstoreddombased)  
168 | [DOM data manipulation (DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00501200_domdatamanipulationdombased)  
169 | [DOM data manipulation (reflected DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00501201_domdatamanipulationreflecteddombased)  
170 | [DOM data manipulation (stored DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00501202_domdatamanipulationstoreddombased)  
171 | 
172 | [HTML does not specify charset](https://portswigger.net/knowledgebase/Issues/details/00800200_htmldoesnotspecifycharset)  
173 | [HTML uses unrecognized charset](https://portswigger.net/knowledgebase/Issues/details/00800300_htmlusesunrecognizedcharset)  
174 | 
175 | [SSL certificate](https://portswigger.net/knowledgebase/Issues/details/01000100_sslcertificate)  
176 | [Unencrypted communications](https://portswigger.net/knowledgebase/Issues/details/01000200_unencryptedcommunications)  
177 | [Strict transport security not enforced](https://portswigger.net/knowledgebase/Issues/details/01000300_stricttransportsecuritynotenforced)  
178 | [Mixed content](https://portswigger.net/knowledgebase/Issues/details/01000400_mixedcontent)  
179 | 


--------------------------------------------------------------------------------
/clickjacking.md:
--------------------------------------------------------------------------------
 1 | ## Intro
 2 | [Clickjacking](https://en.wikipedia.org/wiki/Clickjacking) by Wikipedia  
 3 | [Lack of Clickjacking Protection](https://www.hacker101.com/vulnerabilities/clickjacking) by HackerOne
 4 | 
 5 | ## Advanced exploitation
 6 | -
 7 | 
 8 | ## Articles
 9 | 
10 | [Frameable response (potential Clickjacking)](https://portswigger.net/knowledgebase/Issues/details/005009a0_frameableresponsepotentialclickjacking) by PortSwigger  
11 | 
12 | ## Videos
13 | -
14 | 
15 | ## Reports
16 | -
17 | 
18 | ## Tools
19 | [Clickbandit](https://portswigger.net/blog/burp-clickbandit-a-javascript-based-clickjacking-poc-generator) by PortSwigger  
20 | 


--------------------------------------------------------------------------------
/cors.md:
--------------------------------------------------------------------------------
 1 | ## Intro
 2 | [CORS OriginHeaderScrutiny](https://www.owasp.org/index.php/CORS_OriginHeaderScrutiny) by OWASP  
 3 | 
 4 | [Cross-origin resource sharing](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing) by Wikipedia  
 5 | 
 6 | [Cross-origin resource sharing](https://portswigger.net/knowledgebase/Issues/details/00200600_crossoriginresourcesharing) by PortSwigger  
 7 | [Cross-origin resource sharing: arbitrary origin trusted](https://portswigger.net/knowledgebase/Issues/details/00200601_crossoriginresourcesharingarbitraryorigintrusted) by PortSwigger  
 8 | [Cross-origin resource sharing: unencrypted origin trusted](https://portswigger.net/knowledgebase/Issues/details/00200602_crossoriginresourcesharingunencryptedorigintrusted) by PortSwigger  
 9 | [Cross-origin resource sharing: all subdomains trusted](https://portswigger.net/knowledgebase/Issues/details/00200603_crossoriginresourcesharingallsubdomainstrusted) by PortSwigger  
10 | 
11 | ## Advanced exploitation
12 | -
13 | 
14 | ## Articles
15 | [Exploiting CORS Misconfigurations for Bitcoins and Bounties](http://blog.portswigger.net/2016/10/exploiting-cors-misconfigurations-for.html) by PortSwigger  
16 | [Exploiting Misconfigured CORS](http://www.geekboy.ninja/blog/exploiting-misconfigured-cors-cross-origin-resource-sharing/) by Geekboy  
17 | [Critical Issue Opened Private Chats of Facebook Messenger Users](https://www.cynet.com/wp-content/uploads/2016/12/Blog-Post-BugSec-Cynet-Facebook-Originull.pdf) by Cynet  
18 | 
19 | ## Videos
20 | -
21 | 
22 | ## Reports
23 | -
24 | 
25 | ## Tools
26 | -
27 | 


--------------------------------------------------------------------------------
/csrf.md:
--------------------------------------------------------------------------------
 1 | ## Intro
 2 | [Cross-Site Request Forgery (CSRF)](https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)) by OWASP  
 3 | 
 4 | [Cross-site request forgery](https://en.wikipedia.org/wiki/Cross-site_request_forgery) by Wikipedia  
 5 | 
 6 | [Cross-site request forgery](https://portswigger.net/knowledgebase/Issues/details/00200700_crosssiterequestforgery) by PortSwigger  
 7 | 
 8 | ## Advanced exploitation
 9 | [JSON CSRF with Parameter Padding](http://blog.opensecurityresearch.com/2012/02/json-csrf-with-parameter-padding.html) by Gursev Kalra  
10 | 
11 | ## Articles
12 | -
13 | 
14 | ## Videos
15 | -
16 | 
17 | ## Reports
18 | -
19 | 
20 | ## Tools
21 | -
22 | 


--------------------------------------------------------------------------------
/relative-path-overwrite.md:
--------------------------------------------------------------------------------
 1 | ## Intro
 2 | [Path-relative style sheet import](https://portswigger.net/knowledgebase/Issues/details/00200328_pathrelativestylesheetimport) by PortSwigger  
 3 | 
 4 | ## Advanced exploitation
 5 | -
 6 | 
 7 | ## Articles
 8 | [Detecting and exploiting PRSSI vulnerabilites](http://blog.portswigger.net/2015/02/prssi.html) by PortSwigger  
 9 | [Relative path overwrite](http://www.thespanner.co.uk/2014/03/21/rpo/) by The Spanner  
10 | 
11 | ## Videos
12 | -
13 | 
14 | ## Reports
15 | -
16 | 
17 | ## Tools
18 | -
19 | 


--------------------------------------------------------------------------------
/sqli.md:
--------------------------------------------------------------------------------
 1 | ## Intro
 2 | [SQL Injection overview](https://www.owasp.org/index.php/SQL_Injection) by OWASP  
 3 | 
 4 | [SQL injection](https://en.wikipedia.org/wiki/SQL_injection) by Wikipedia  
 5 | 
 6 | [SQL statement in request parameter](https://portswigger.net/knowledgebase/Issues/details/00400480_sqlstatementinrequestparameter) by PortSwigger  
 7 | [SQL injection (basic)](https://portswigger.net/knowledgebase/Issues/details/00100200_sqlinjection) by PortSwigger  
 8 | [SQL injection (second order)](https://portswigger.net/knowledgebase/Issues/details/00100210_sqlinjectionsecondorder) by PortSwigger  
 9 | [Client-side SQL injection (DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200330_clientsidesqlinjectiondombased) by PortSwigger  
10 | [Client-side SQL injection (reflected DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200331_clientsidesqlinjectionreflecteddombased) by PortSwigger  
11 | [Client-side SQL injection (stored DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200332_clientsidesqlinjectionstoreddombased) by PortSwigger  
12 | 
13 | ## Advanced exploitation
14 | -
15 | 
16 | ## Articles
17 | -
18 | 
19 | ## Videos
20 | 
21 | [DEFCON 17: Advanced SQL Injection](https://www.youtube.com/watch?v=rdyQoUNeXSg)  
22 | [Hacktivity 2012 - Joe McCray - Big Bang Theory - Pentesting high security environments](https://www.youtube.com/watch?v=qBVThFwdYTc)  
23 | 
24 | ## Reports
25 | -
26 | 
27 | ## Tools
28 | -
29 | 


--------------------------------------------------------------------------------
/subdomain-takeover.md:
--------------------------------------------------------------------------------
 1 | ## Intro
 2 | [Subdomain Takeover](https://www.hackerone.com/blog/Guide-Subdomain-Takeovers) by HackerOne
 3 | 
 4 | ## Advanced exploitation
 5 | -
 6 | 
 7 | ## Articles
 8 | [Hostile subdomain takeover](https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/) by Detectify   
 9 | 
10 | ## Videos
11 | -
12 | 
13 | ## Reports
14 | -
15 | 
16 | ## Tools
17 | -
18 | 


--------------------------------------------------------------------------------
/xss.md:
--------------------------------------------------------------------------------
 1 | ## Intro
 2 | [Cross-site Scripting (XSS)](https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)) by OWASP  
 3 | 
 4 | [Cross-site scripting](https://en.wikipedia.org/wiki/Cross-site_scripting) by Wikipedia  
 5 | 
 6 | [Cross-site scripting (DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200310_crosssitescriptingdombased) by PortSwigger  
 7 | [Cross-site scripting (reflected)](https://portswigger.net/knowledgebase/Issues/details/00200300_crosssitescriptingreflected) by PortSwigger  
 8 | [Cross-site scripting (reflected DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200311_crosssitescriptingreflecteddombased) by PortSwigger  
 9 | [Cross-site scripting (stored)](https://portswigger.net/knowledgebase/Issues/details/00200100_crosssitescriptingstored) by PortSwigger  
10 | [Cross-site scripting (stored DOM-based)](https://portswigger.net/knowledgebase/Issues/details/00200312_crosssitescriptingstoreddombased) by PortSwigger  
11 | [Browser cross-site scripting filter disabled](https://portswigger.net/knowledgebase/Issues/details/005009b0_browsercrosssitescriptingfilterdisabled) by PortSwigger  
12 | 
13 | ## Advanced exploitation
14 | [5 Practical Scenarios for XSS Attacks](https://pentest-tools.com/blog/xss-attacks-practical-scenarios/) by Satyam Singh  
15 | 
16 | ## Articles
17 | -
18 | 
19 | ## Videos
20 | -
21 | 
22 | ## Reports
23 | -
24 | 
25 | ## Tools
26 | [XSS Hunter](https://xsshunter.com/) by IAmMandatory
27 | 


--------------------------------------------------------------------------------