Folder: Compendium/Web-Security

May 17, 2026

• web
• hsts
• csp
• x-frame-options
• content-security-policy
• xss-protection
• cors-headers
• nosniff
• referrer
• security-headers

May 17, 2026

• web
• origin
• access-control
• preflight
• credentials
• same-origin
• wildcard
• misconfiguration
• cors

May 17, 2026

• web
• state
• token
• anti-csrf
• samesite
• referer
• double-submit
• forged-request
• csrf

May 17, 2026

• web
• httponly
• secure
• samesite
• csrf
• session
• cookie-theft
• cookies

May 17, 2026

• web
• jose
• jws
• jwe
• jwk
• jwa
• signature
• encryption
• rfc7519
• jwt
• authentication
• authorisation
• jsonwebtoken
• token
• sessionmanagement
• session

May 17, 2026

• web
• path-traversal
• include
• rfi
• php
• null-byte
• directory-traversal
• wrapper
• lfi

May 17, 2026

• web
• sqli
• injection
• union
• blind
• time-based
• error-based
• bypass
• sqlmap
• stacked
• out-of-band
• sql

May 17, 2026

• web
• localhost
• internal
• cloud-metadata
• bypass
• 169.254
• redirect
• blind-ssrf
• aws-imds
• ssrf

May 17, 2026

• web
• reflected
• stored
• dom
• payload
• bypass
• csp-bypass
• javascript
• alert
• cookie-theft
• xss

May 17, 2026

• web
• xxe
• entity
• dtd
• ssrf
• lfi
• blind-xxe
• oob
• xml-injection
• file-read
• xml