Exploiting server side parameter pollution in a REST URL | PortSwigger Academy tutorial

Video description: Exploiting server side parameter pollution in a REST URL | PortSwigger Academy tutorial

PortSwigger Academy Lab: https://portswigger.net/web-security/...
Free Burp Suite Professional trial: https://portswigger.net/burp/pro/trial
Server-side variable names list: https://github.com/antichown/burp-pay...
Common API definition filenames:
swagger.yaml
swagger.json
openapi.yaml
openapi.json
api.raml
api.yaml
api.json
service.wsdl
service.xml
service-definition.wsdl
schema.graphql
schema.json
collection.json
postman_collection.json
api.apib
api.md
api-blueprint.md
service.proto
api.proto
asyncapi.yaml
asyncapi.json
service.wadl
application.wadl
Remember that these are common conventions, and actual filenames may vary based on project preferences and requirements.
