WEB
a web of poor design decisions
XSS
XSS challs (usually) either simply require a popped alert, or have a user (cron job) that visits a website whose cookies should get stolen.
'"<>;{}-=`#/* are all interesting chars. See if you can construct a JavaScript context with them in the DOM.
Consider CSP and CSP bypasses
SQLi
Try inserting ' and SLEEP payloads; basically every DBMS can be injected.
Don't rely too much on sqlmap.
IDOR
Try different values for parameters such as id=3 -> try 0, 1, 2, 4, -1, 100, 10000, ...
File Upload
Any file upload is suspicious; try changing the MIME type, magic bytes, filename, Content-Type, ... some combination might work.
Try uploading weird files to provoke weird (informative) error messages.
PHP
PHP alone is a vulnerability ;) so many gotchas: read the reference for every function, be aware of types and strong/weak comparisons, etc.
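A worked illustration of the strong/weak comparison gotcha, added here and not part of the original notes; the "0e..." strings are constructed sample values, and the md5 pair is the widely published "magic hash" example:

```php
<?php
// Added example (not from the original notes): PHP loose (==) vs strict (===)
// comparison on numeric-looking strings, and the safe way to compare secrets.

// Two different strings that PHP treats as equal under ==, because both parse
// as numbers in scientific notation: "0e123" -> 0.0 and "0e456" -> 0.0.
$a = "0e123";   // constructed sample value
$b = "0e456";   // constructed sample value
var_dump($a == $b);     // bool(true)  - numeric-string comparison: 0.0 == 0.0
var_dump($a === $b);    // bool(false) - strict: different strings
var_dump("1e3" == "1000"); // bool(true) - same reason

// The same effect with real MD5 digests: this well-known pair both hash to
// strings of the form "0e<digits>", so == considers the digests equal.
$h1 = md5("240610708");
$h2 = md5("QNKCDZO");
var_dump($h1 == $h2);   // bool(true)
var_dump($h1 === $h2);  // bool(false)

// Weak pattern: a token check using == on hex digests.
function check_token_weak(string $stored_hash, string $supplied): bool {
    return md5($supplied) == $stored_hash;          // loose comparison
}

// Hardened pattern: strict, type-safe and constant-time comparison.
// (For passwords specifically, use password_hash()/password_verify() instead of md5.)
function check_token_strong(string $stored_hash, string $supplied): bool {
    return hash_equals($stored_hash, md5($supplied));
}

$stored = md5("240610708");
var_dump(check_token_weak($stored, "QNKCDZO"));    // bool(true)  - wrong input accepted
var_dump(check_token_strong($stored, "QNKCDZO"));  // bool(false) - rejected
```

Note that switch statements and in_array() without the third argument also compare loosely, so the same fix (strict mode / ===) applies there.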
SSRF/LFI/RFI/XXE
Many more possible vulnerability types that may be more or less straightforward to exploit.