
My Bookmarks

I like to save everything about cybersecurity that I have found interesting, so I will share it here.

Knowledge

Web Sessions

JWT

Why JWTs Suck as Session Tokens
An article about how JWT tokens work, their cons, and when you probably shouldn’t use them

Secure Access Token Storage with Single-Page Applications: Part 1 - by Ben Botto - Medium
An article about the secure ways to store JWT tokens in SPAs

Secure Access Token Storage with Single-Page Applications: Part 2 - by Ben Botto - Medium
Second part of the previous article

Stop using JWT for sessions, part 2: Why your solution doesn’t work - joepie91’s Ramblings
Even though it’s the second part of an article, here I found a well-done diagram of JWT use cases and their cons

OAuth 2

The most common OAuth 2.0 Hacks / Habr
A simply explained article about how OAuth 2.0 works and its various vulnerabilities depending on its implementation

Frameworks & More

Vue.js - Security
Vue official security guide

Vue.js - Lifecycle
Vue lifecycle diagram

NuxtJS - Create a Blog with Nuxt Content
NuxtJS example

NuxtJS - Nuxt Lifecycle
Nuxt lifecycle diagram

GraphQL

Some ways to find more IDOR. Hello friend! - by Thái Vũ - Jun, 2021 - Medium
An article about how to find IDORs in GraphQL

CSV Injection

CSV Injection Software Attack - OWASP Foundation
OWASP explanation of CSV injection and its correct remediation

What is CSV Injection? CSV Injection attacks explained
A useful article about different CSV injection payloads and mitigations

PDF Injection

Portable Data exFiltration: XSS for PDFs - PortSwigger Research
A really deep article by PortSwigger about how PDFs work and how they can be exploited

Export Injection. This article will talk about a new… - by Inon Shkedy - Medium
A more concise article about PDF Injection attacks

cornerpirate/JS2PDFInjector: Inject a JS file into a PDF file.
A Java application to inject JavaScript code into PDFs

HTTP Smuggling

The Powerful HTTP Request Smuggling 💪 - by Ricardo Iramar dos Santos - Medium
A bounty article about HTTP Smuggling, with a really good explanation about how it works

YAML Injection Java

SnakeYaml Deserilization exploited - by Swapneil Kumar Dash - Medium
An article about a vulnerability found in SnakeYaml that explains a bit about how YAML exploits work

artsploit/yaml-payload: A tiny project for generating SnakeYAML deserialization payloads
The tool to generate payloads for the above vulnerability

RegEx Bypass

Python RE Bypass Technique
An article about bypassing regular expressions in Python

Mobile

OWASP Introduction - Mobile Security Testing Guide
A really deep but pretty well-written guide to mobile security by OWASP

CSP

Introduction - Content Security Policy
Introduction to what CSP is

Content-Security-Policy Header Reference
CSP headers reference

CSP Evaluator
Online tool to check CSP status

CSP Scanner - Content Security Policy Check - Analyze Bypasses
Another online tool to check CSP status

HackTricks - CSP Bypass
Ways to bypass CSP depending on its configuration

JSONP List
List of sites which use JSONP used to bypass CSP

CSPLite - CSPGenerator
Simple CSP generator tool. If you have any doubts about CSP, this is probably the site with the most knowledge about it

CyberUtils

APK AI Deobfuscate - DeGuard - Statistical Deobfuscation for Android
Online tool to deobfuscate APKs using artificial intelligence

AI JS Deobfuscate - JS NICE: Statistical renaming, Type inference and Deobfuscation
Online tool to deobfuscate JavaScript using artificial intelligence

JSFuck - Write any JavaScript with 6 Characters: []()!+
Online tool to obfuscate JavaScript using only these characters: []()!+

Web Security

testssl.sh - Testing TLS/SSL encryption anywhere on any port
Useful tool to test TLS/SSL encryption

Vulnerable node.js App - GitHub
A vulnerable node.js App for testing or practice

WAFs

wafw00f - GitHub
Useful tool to find out if a WebApp is using a WAF, and which one

WAF Bypasses - Github - 0xInfection/Awesome-WAF
Some WAF bypasses that sometimes work if they are not patched

JWT_Tool
Useful tool for testing and cracking JWT Tokens

shcheck - A basic tool to check security headers of a website
A simple and useful tool to check which security headers are being used by a WebApp

securityheaders - Check any website (or set of websites) for insecure security headers.
A deeper tool to check security headers

Checklists

WebApp Pentest Checklist - GitHub
Web Application Pentesting Checklist

OWASP Pentest Checklist - GitHub
OWASP Web Application Pentesting Checklist

Payloads

PayloadsAllTheThings - GitHub
Here you can find payloads for almost everything

Pentesting Payloads - GitHub
Some extra payloads for reverse shells, privilege escalation and enumeration

Other Tools

HTTPX
A Golang tool consisting of an HTTP toolkit

httpbin.org
A simple HTTP Request & Response Service

Screenshot Guru - Online Screen Capture for Websites
Useful online tool to take a screenshot of a webpage without needing to access it yourself

evil-winrm - GitHub
A tool to spawn a reverse shell via WinRM (Windows Remote Management)

Pentesting WebLabs

Proving Grounds Play and Practice - Offensive Security
Official OSCP labs (apart from the courses)

Hack The Box: Hacking Training For The Best - Individuals & Companies
One of the most used hacking platforms with a lot of machines to hack

TryHackMe - Cyber Security Training
Another well-known hacking platform that I haven’t tried

Vulnerable By Design ~ VulnHub
A FREE hacking platform where you have to host the vulnerable machines yourself by downloading their VM files

General

MalwareSourceCode - Github
Source code of existing Malware

/home/six2dez/.pentest-book - Pentest Book
A knowledge base for pentesting

Awesome-Linux-Software - GitHub
Interesting Linux Software

Linux Static Binaries - GitHub
Static binaries for Linux

Proxies

mitmproxy - an interactive HTTPS proxy
A powerful CLI HTTP Proxy

Burp Suite - Application Security Testing Software - PortSwigger
Probably the best-known HTTP proxy out there

Leaks

RaidForums \ Leaks
A forum where leaks are announced and sold. Just take a look, don’t take part

GitHubLOLs (Weird&Funny Projects)

liaoxiong3x/DeepCreamPy
A special way to train a Neural Network

laynH/Anime-Girls-Holding-Programming-Books: Anime Girls Holding Programming Books
Everything is OK here

DIGITALCRIMINAL/OnlyFans: Scrape all the media from an OnlyFans account - Updated regularly
Needs

Interesting Readings

/r/netsec - Information Security News & Discussion
The netsec subreddit, the best way to find the latest news and a bunch of interesting articles

Trending repositories on GitHub today · GitHub
If you are a code freak here you will have your best time

Blog - Red Timmy Security
A blog with a bunch of articles

List of bug bounty writeups · Pentester Land
A list of bug bounty articles

Forgot password? Taking over user accounts Kaminsky style
An interesting way to exploit the Forgot Password feature

The-Login/DNS-Reset-Checker: Tools to assess the DNS security of web applications
Tool created for the above article

You ain’t got no problem, Jules. I’m on the Multifactor. - by Curtis Brazzell - Jul, 2021 - Medium
An article about how Multifactor can be exploited

Counter-Strike Global Offsets: reliable remote code execution - secret club
An article about how they got RCE in CS:GO

How to analyze mobile malware: a Cabassous/FluBot Case study – NVISO Labs
An example of how to analyze mobile malware, using FluBot (known for a massive attack on banking apps in Spain)

How I Stole Your Siacoin · mtlynch.io
How somebody lost their wallet passphrase and a hero recovered it

Let’s Enhance! How we found @rogerkver’s $1,000 wallet obfuscated private key
Deobfuscating a blurred QR code with a $1,000 reward

Can you ever (safely) include credentials in a URL? – Neil Madden
An article about URL safety

Anti-Debug JS/WASM by Hand - REMY HAX
The most horrific way to obfuscate JavaScript (really well written, yet still hard to understand)

martinvigo/email2phonenumber: A OSINT tool to obtain a target’s phone number just by having his email address
How to exploit Forgot Password to get a mobile phone number

From email to phone number, a new OSINT approach - Martin Vigo
Tool from the above article

This post is licensed under CC BY 4.0 by the author.