diff --git a/content/en/docs/prologue/_index.md b/content/en/docs/prologue/_index.md deleted file mode 100644 index d6b467c..0000000 --- a/content/en/docs/prologue/_index.md +++ /dev/null @@ -1,10 +0,0 @@ ---- -title : "Prologue" -description: "Prologue Doks." -lead: "" -date: 2020-10-06T08:48:45+00:00 -lastmod: 2020-10-06T08:48:45+00:00 -draft: false -images: [] -weight: 100 ---- diff --git a/content/en/docs/prologue/introduction.md b/content/en/docs/prologue/introduction.md deleted file mode 100644 index 6cb34dc..0000000 --- a/content/en/docs/prologue/introduction.md +++ /dev/null 
@@ -1,24 +0,0 @@ ---- -title: "Introduction" -description: "OffensiveWeb aims to offer clear and comprehensive information on various web security concepts, such as vulnerability research, fuzzing and security measures." -lead: "OffensiveWeb aims to offer clear and comprehensive information on various web security concepts, such as vulnerability research, fuzzing and security measures." -date: 2023-01-01T00:00:00+00:00 -lastmod: 2023-01-01T00:00:00+00:00 -draft: false -images: [] -menu: - docs: - parent: "prologue" -weight: 100 -toc: true ---- - -## OffensiveWeb - -{{< alert icon="⚠️" text="OffensiveWeb is intended for educational and informational purposes only, and should not be used for any illegal or malicious activities." />}} - -Welcome to **OffensiveWeb** ! Our goal is to provide clear and comprehensive information about web security concepts that can often be difficult to understand. More specifically, you will find resources related to web security, vulnerability research/analysis, fuzzing and also security measures to overcome various types of vulnerabilities. - -Whether you're a security researcher, web developer, or just interested in learning more about web security, our documentation can help you improve your understanding of web security, stay up-to-date and and even conduct your own research. - -Thank you for visiting, and we hope you find our site helpful in your journey towards a more secure web. diff --git a/content/en/docs/prologue/learning.md b/content/en/docs/prologue/learning.md deleted file mode 100644 index 97fdd87..0000000 --- a/content/en/docs/prologue/learning.md +++ /dev/null 
@@ -1,38 +0,0 @@ ---- -title: "Learning" -description: "List of resources to learn and stay up to date on the latest types of vulnerabilities." -lead: "List of resources to learn and stay up to date on the latest types of vulnerabilities." -date: 2023-01-01T00:00:00+00:00 -lastmod: 2023-01-01T00:00:00+00:00 -draft: false -images: [] -menu: - docs: - parent: "prologue" -weight: 100 -toc: true ---- - -## Courses - -- [OWASP - Cheat Sheet Series](https://cheatsheetseries.owasp.org/Glossary.html) -- [Mozilla - MDN](https://developer.mozilla.org/en-US/docs/Learn) -- [HTML Standard](https://html.spec.whatwg.org/) -- [RFC 2616 - HTTP](https://www.rfc-editor.org/rfc/rfc2616) -- [PortSwigger - WebSecurity Academy](https://portswigger.net/web-security/learning-path) - -## Articles - -- [PortSwigger - Research](https://portswigger.net/research) -- [YesWeHack - Talent Development](https://blog.yeswehack.com/category/talent-development/) -- [Synacktiv - Publications](https://www.synacktiv.com/en/publications) -- [SonarSource - Security blog](https://www.sonarsource.com/blog/tag/security/) - -## Vulnerability Feeds - -- [Github Advisory Database (GHSA)](https://github.com/advisories?query=type%3Areviewed) -- [HackerOne - Disclosed reports](https://hackerone.com/hacktivity) - -## Books - -- JavaScript for hackers - Gareth Heyes diff --git a/content/en/docs/prologue/vulnerability-reports.md b/content/en/docs/prologue/vulnerability-reports.md deleted file mode 100644 index 3fdb74d..0000000 --- a/content/en/docs/prologue/vulnerability-reports.md +++ /dev/null 
@@ -1,76 +0,0 @@ ---- -title: "Vulnerability / CTF reports" -description: "List of interesting vulnerability reports and CTF writeups." -lead: "List of interesting vulnerability reports and CTF writeups." -date: 2023-01-01T00:00:00+00:00 -lastmod: 2023-01-01T00:00:00+00:00 -draft: false -images: [] -menu: - docs: - parent: "prologue" -weight: 100 -toc: true ---- - -## Blog - -- [jub0bs.com](https://jub0bs.com/posts/) -- [blog.ankursundara.com](https://blog.ankursundara.com/) -- [terjanq.medium.com](https://terjanq.medium.com/) -- [mizu.re](https://mizu.re/) -- [spaceraccoon.dev](https://spaceraccoon.dev/) -- [sekai.team](https://sekai.team/tags/web/) -- [org.anize.rs](https://org.anize.rs/writeups/) -- [larry.sh](https://larry.sh/) -- [brycec.me](https://brycec.me/blog) -- [blog.arkark.dev](https://blog.arkark.dev/) -- [blog.huli.tw](https://blog.huli.tw/en/categories/) -- [labs.detectify.com](https://labs.detectify.com/tag/frans-rosen/)* -- [ahmed-belkahla.me](https://ahmed-belkahla.me/#posts) - -## XSS - -- [GCP - XSS in POST Request & Markdown](https://obmiblog.blogspot.com/2022/12/gcp-2022-few-bugs-in-google-cloud-shell.html) - XSS in POST request using CSRF attack. Using [NEL](https://web.dev/network-error-logging/) to leak session token. 
-- [html-janitor - Bypassing sanitization using DOM clobbering](https://hackerone.com/reports/308158) -- [Microsoft Teams - XSS using a CSS class attribute inside AngularJS](https://speakerdeck.com/masatokinugawa/how-i-hacked-microsoft-teams-and-got-150000-dollars-in-pwn2own) - -## Client-Side - -- [Article - Shadow DOM data exfiltration](https://blog.ankursundara.com/shadow-dom/) & [CTF - shadow](https://github.com/Super-Guesser/ctf/blob/master/2022/dicectf/shadow.md) -- [Article - The great SameSite confusion](https://jub0bs.com/posts/2021-01-29-great-samesite-confusion/) -- [Article - CSP bypass on Wordpress using SOME](https://octagon.net/blog/2022/05/29/bypass-csp-using-wordpress-by-abusing-same-origin-method-execution/) - -## Server-Side - -- [Article - Exploiting HTTP Parsers Inconsistencies](https://rafa.hashnode.dev/exploiting-http-parsers-inconsistencies) - -## XXE - -- [CTF - Client-Side XXE to exfiltrate a page](https://github.com/dicegang/dicectf-2023-challenges/tree/main/web/impossible-xss) - -## Information leakage - -- [Linkedin - Information disclosure by sending a GIF](https://hackerone.com/reports/1801427) - The victim automatically requests a webhook (fake GIF URL) when opening a message. This allows an attacker to retrieve the victim's UA and IP address. - -## Domains Takeover - -- [Brave - S3 Bucket Takeover](https://hackerone.com/reports/1835133) - An attacker can claim an S3 bucket that was previously used by Brave but now deleted. - -## SSRF - -- [Imgur - SSRF Attack Surface](https://hackerone.com/reports/115748) - SSRF vulnerability which allows an attacker to craft connections originating from imgur servers. -- [GCP - SSRF Host Check Bypass](https://blog.geekycat.in/client-side-ssrf-to-google-cloud-project-takeover/) - SSRF host check bypass using an OPR on a google subdomain. 
- -## Misconfiguration - -- [Article - NGINX alias misconfiguration](https://labs.hakaioffsec.com/nginx-alias-traversal/) - -## Prototype pollution - -- [Huntr - Mongoose Prototype Pollution](https://huntr.dev/bounties/1eef5a72-f6ab-4f61-b31d-fc66f5b4b467/) - -## Others - -- [Article - Detecting uBlock on Chrome Browser](https://blog.ankursundara.com/checking-enumerating-a-users-browser-extensions/) -- [Article - Exploitation of iCalendar standard](https://spaceraccoon.dev/exploiting-icalendar-properties-enterprise-applications/)
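Review bot: the `content/en/docs/prologue/_index.md` deletion removes the section page, but the diff does not touch the site's menu configuration. The three other deleted pages all declare `parent: "prologue"` under `menu.docs`, so if a `prologue` entry is defined in that configuration it is left with no children after this change. Check for a stale menu entry, and for any page outside this diff that still names that parent, before merging.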
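Review bot: in `content/en/docs/prologue/introduction.md` the deleted body contains the `alert` shortcode with the "educational and informational purposes only" notice, and nothing in this diff adds it back anywhere (every file here ends at `+++ /dev/null`). If the introduction is being relocated rather than dropped, carry the notice along with it, and fix the doubled word in "stay up-to-date and and even conduct your own research" at the same time.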
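Review bot: in `content/en/docs/prologue/learning.md` the `## Courses` list links `RFC 2616 - HTTP`, which has been obsoleted (first by RFC 7230 to 7235, now by RFC 9110 and RFC 9112). If this list is being moved to another page rather than removed, point that entry at the current RFCs instead of copying it as is. Smaller points for the same move: "Github Advisory Database" should read "GitHub", and the single `## Books` entry has no link, unlike every other item in the file.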
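Review bot: the `content/en/docs/prologue/vulnerability-reports.md` hunk drops all 76 lines of curated reports with no matching additions in this diff, so say in the commit message whether the list now lives elsewhere or is gone on purpose. If it is being relocated, tidy it on the way: the `labs.detectify.com` entry under `## Blog` ends in a stray `*` with no footnote to go with it, "OPR" in the GCP SSRF entry is never expanded, and the heading `## Domains Takeover` reads better as "Domain Takeover".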