GitBook: [master] 6 pages modified
parent 750fc68f57
commit 40047625aa
@ -300,8 +300,7 @@
|
||||
|
||||
## Pentesting Web
|
||||
|
||||
* [2FA/OTP Bypass](pentesting-web/2fa-bypass/README.md)
|
||||
* [Regular expression Denial of Service - ReDoS](pentesting-web/2fa-bypass/regular-expression-denial-of-service-redos.md)
|
||||
* [2FA/OTP Bypass](pentesting-web/2fa-bypass.md)
|
||||
* [Abusing hop-by-hop headers](pentesting-web/abusing-hop-by-hop-headers.md)
|
||||
* [Bypass Payment Process](pentesting-web/bypass-payment-process.md)
|
||||
* [Captcha Bypass](pentesting-web/captcha-bypass.md)
|
||||
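Review bot: moving the 2FA/OTP Bypass entry from `pentesting-web/2fa-bypass/README.md` to `pentesting-web/2fa-bypass.md`, together with dropping the nested `pentesting-web/2fa-bypass/regular-expression-denial-of-service-redos.md` entry, invalidates any relative link elsewhere in the book that still points into the `2fa-bypass/` directory. Search the repository for remaining references to `2fa-bypass/` before merging so no page is left with a dead link.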
@ -342,6 +341,7 @@
|
||||
* [PostMessage Vulnerabilities](pentesting-web/postmessage-vulnerabilities.md)
|
||||
* [Race Condition](pentesting-web/race-condition.md)
|
||||
* [Rate Limit Bypass](pentesting-web/rate-limit-bypass.md)
|
||||
* [Regular expression Denial of Service - ReDoS](pentesting-web/regular-expression-denial-of-service-redos.md)
|
||||
* [SQL Injection](pentesting-web/sql-injection/README.md)
|
||||
* [MSSQL Injection](pentesting-web/sql-injection/mssql-injection.md)
|
||||
* [Oracle injection](pentesting-web/sql-injection/oracle-injection.md)
|
||||
|
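Review bot: the new top-level entry `Regular expression Denial of Service - ReDoS` uses a lowercase "expression" while its neighbours `Rate Limit Bypass` and `Race Condition` are title-cased. Suggest `Regular Expression Denial of Service - ReDoS` here, with the same change to the page's H1 so the summary and the page title stay identical.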
@ -47,7 +47,7 @@ There is a rate limit but when you "resend the code" the same code is sent and t
|
||||
|
||||
#### Client side rate limit bypass
|
||||
|
||||
[Read this post.](../rate-limit-bypass.md)
|
||||
[Read this post.](rate-limit-bypass.md)
|
||||
|
||||
#### Lack of rate limit in user's account
|
||||
|
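Review bot: the link text on the changed line, `[Read this post.]`, says nothing about the destination; naming the target, for instance `[Rate Limit Bypass](rate-limit-bypass.md)`, reads better and survives being quoted out of context. The shortened path `rate-limit-bypass.md` only resolves if this file now sits in the same directory as that page, so confirm the file itself was moved and not only the link edited.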
@ -1,12 +1,12 @@
|
||||
# Regular expression Denial of Service - ReDoS
|
||||
|
||||
**Copied from** [**https://owasp.org/www-community/attacks/Regular\_expression\_Denial\_of\_Service\_-\_ReDoS**](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)\*\*\*\*
|
||||
|
||||
## Introduction
|
||||
|
||||
**Copied from** [**https://owasp.org/www-community/attacks/Regular\_expression\_Denial\_of\_Service\_-\_ReDoS**](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)\*\*\*\*
|
||||
|
||||
The **Regular expression Denial of Service \(ReDoS\)** is a [Denial of Service](https://owasp.org/www-community/attacks/Denial_of_Service) attack, that exploits the fact that most Regular Expression implementations may reach extreme situations that cause them to work very slowly \(exponentially related to input size\). An attacker can then cause a program using a Regular Expression to enter these extreme situations and then hang for a very long time.
|
||||
|
||||
## Description
|
||||
### Description
|
||||
|
||||
#### The problematic Regex naïve algorithm <a id="the-problematic-regex-naïve-algorithm"></a>
|
||||
|
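Review bot: the "Copied from" line ends with a literal `\*\*\*\*`, which renders as four stray asterisks after the OWASP link; drop the escaped run so the line ends at the closing parenthesis. The heading level around `Description` also needs a check: with `### Description` followed directly by `#### The problematic Regex naïve algorithm`, the description becomes a subsection of `## Introduction`, which may not be the intended outline.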
@ -356,7 +356,7 @@ Check for this vulnerabilities:
|
||||
|
||||
## **User input Web Vulnerabilities list**
|
||||
|
||||
* \*\*\*\*[**2FA Bypass**](../../pentesting-web/2fa-bypass/)\*\*\*\*
|
||||
* \*\*\*\*[**2FA Bypass**](../../pentesting-web/2fa-bypass.md)\*\*\*\*
|
||||
* \*\*\*\*[**Captcha Bypass**](../../pentesting-web/captcha-bypass.md)\*\*\*\*
|
||||
* \*\*\*\*[**Clickjacking**](../../pentesting-web/clickjacking.md)\*\*\*\*
|
||||
* \*\*\*\*[**Client Side Template Injection \(CSTI\)**](../../pentesting-web/client-side-template-injection-csti.md)\*\*\*\*
|
||||
|
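Review bot: the label `2FA Bypass` on the changed entry differs from the `2FA/OTP Bypass` title the summary uses for the same page; align the two so readers can match them. Every item in this list is also wrapped in `\*\*\*\*` on both sides of an already bold link, which renders as literal asterisks, so removing the escaped runs would clean up the whole list.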