{"version":1,"pages":[{"id":"-Mf1CGh9qPU1RTEA3SyO","title":"XSS Filter Evasion and WAF Bypassing Tactics","pathname":"/pentest-book","siteSpaceId":"sitesp_lxpbh","description":"We will analyze various levels of evasion and bypassing tactics for XSS payloads."},{"id":"-Mf1PQvGvn7OVCVoGDHZ","title":"AWS Security Testing","pathname":"/pentest-book/aws-security","siteSpaceId":"sitesp_lxpbh","description":""},{"id":"-Mf1taRCZV107L_guhyk","title":"Azure Pentesting","pathname":"/pentest-book/azure-pentesting","siteSpaceId":"sitesp_lxpbh","description":""},{"id":"-Mf22ElbjvRMxTBKqRgQ","title":"GCP Pentesting","pathname":"/pentest-book/gcp-pentesting","siteSpaceId":"sitesp_lxpbh","description":""},{"id":"-Mf1x0L6VIi178RsdIt0","title":"XSS <Cross Site Scripting>","pathname":"/pentest-book/web-application-pentesting/xss-cross-site-scripting","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf1zE_pCOk4bchcP1Ot","title":"PDF Injection <XSS>","pathname":"/pentest-book/web-application-pentesting/xss-cross-site-scripting/pdf-injection-less-than-xss-greater-than","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"},{"label":"XSS <Cross Site Scripting>"}]},{"id":"-Mf1yj4XfmKJXDpstahB","title":"DOM XSS","pathname":"/pentest-book/web-application-pentesting/xss-cross-site-scripting/dom-xss","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"},{"label":"XSS <Cross Site Scripting>"}]},{"id":"-Mf1zsCaVpEnp8Jum6m0","title":"Server Side XSS <Dynamic PDF>","pathname":"/pentest-book/web-application-pentesting/xss-cross-site-scripting/server-side-xss-less-than-dynamic-pdf-greater-than","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"},{"label":"XSS <Cross Site Scripting>"}]},{"id":"-Mf2-MsWL3I5rzm6mX2L","title":"XSS Tools","pathname":"/pentest-book/web-application-pentesting/xss-cross-site-scripting/xss-tools","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"},{"label":"XSS <Cross Site Scripting>"}]},{"id":"-Mf21DpPnnHdCbzDN493","title":"SSRF <Server Side Request Forgery>","pathname":"/pentest-book/web-application-pentesting/ssrf-less-than-server-side-request-forgery-greater-than","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf21n2kWUtl66zIYnd2","title":"Open Redirect Vulnerability","pathname":"/pentest-book/web-application-pentesting/open-redirect-vulnerability","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf1vJ-7z2-YQXCYmvNG","title":"Command Injection","pathname":"/pentest-book/web-application-pentesting/command-injection","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf2-wbap_cxxJQB4_i8","title":"File Upload","pathname":"/pentest-book/web-application-pentesting/file-upload","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf232sWfIm_SSbrIS4V","title":"Rate Limit Bypass Techniques","pathname":"/pentest-book/web-application-pentesting/rate-limit-bypass","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf2GHtbdXDaDFuMyGNQ","title":"IDOR","pathname":"/pentest-book/web-application-pentesting/idor","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf1w-pzkE3Sml58PqaW","title":"Web Cache Poisoning /Web Cache Deception","pathname":"/pentest-book/web-application-pentesting/cache-poisoning-and-cache-deception","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf2GdON1YgYW14U6bIc","title":"CSRF <Cross Site Request Forgery>","pathname":"/pentest-book/web-application-pentesting/csrf-less-than-cross-site-request-forgery-greater-than","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf2sH4xAs5KdylUq2lQ","title":"XPATH injection","pathname":"/pentest-book/web-application-pentesting/xpath-injection","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf2smy4rkf2WOa2UkeD","title":"LDAP Injection","pathname":"/pentest-book/web-application-pentesting/ldap-injection","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf2tPSUNn4-1fDJkl5I","title":"JWT Vulnerabilities <Json Web Tokens>","pathname":"/pentest-book/web-application-pentesting/jwt-vulnerabilities-less-than-json-web-tokens-greater-than","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf2u6fL7hUizcLTWMza","title":"CORS - Misconfigurations & Bypass","pathname":"/pentest-book/web-application-pentesting/cors-misconfigurations-and-bypass","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf2xWtuCgECGF-Shx64","title":"Reset/Forgotten Password Bypass","pathname":"/pentest-book/web-application-pentesting/reset-forgotten-password-bypass","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf2v04hXufjDcTFMnNo","title":"CRLF (%0D%0A) Injection","pathname":"/pentest-book/web-application-pentesting/crlf-0d-0a-injection","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf3NUncwfk99NQSWvMA","title":"Clickjacking","pathname":"/pentest-book/web-application-pentesting/clickjacking","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf2v_1f9YTuYeclgbXp","title":"Hostile Domain/Subdomain takeover","pathname":"/pentest-book/web-application-pentesting/hostile-domain-subdomain-takeover","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf2zyrIeg9js9DBUkQ2","title":"Server Side Inclusion/Edge Side Inclusion Injection","pathname":"/pentest-book/web-application-pentesting/server-side-inclusion-edge-side-inclusion-injection","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf2wSgQ9JIjgjSmp482","title":"HTTP Request Smuggling / HTTP Desync Attack","pathname":"/pentest-book/web-application-pentesting/http-request-smuggling-http-desync-attack","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf3GY5Q2Oal5vf6zZPt","title":"SAML Attacks","pathname":"/pentest-book/web-application-pentesting/saml-attacks","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf35tfCQ_8hhaBpGYLg","title":"OAuth to Account takeover","pathname":"/pentest-book/web-application-pentesting/oauth-to-account-takeover","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf3-o1sAeOd0hgJMKZm","title":"Cross-site WebSocket hijacking (CSWSH)","pathname":"/pentest-book/web-application-pentesting/cross-site-websocket-hijacking-cswsh","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf3HmzvxlVvZYi7aZyn","title":"Uncovering CloudFlare","pathname":"/pentest-book/web-application-pentesting/uncovering-cloudflare","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf3Jyw50dTXJuF-ND4b","title":"Email Header Injection","pathname":"/pentest-book/web-application-pentesting/email-header-injection","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf3KFuVINXx_Iq1uFUI","title":"Unicode Normalization vulnerability","pathname":"/pentest-book/web-application-pentesting/unicode-normalization-vulnerability","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf3JezryMKiXoxEqNzd","title":"Registration Vulnerabilities","pathname":"/pentest-book/web-application-pentesting/registration-vulnerabilities","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]},{"id":"-Mf3HUYhASnSoXsHJLYC","title":"Race Condition","pathname":"/pentest-book/web-application-pentesting/race-condition","siteSpaceId":"sitesp_lxpbh","description":"","breadcrumbs":[{"label":"Web Application Pentesting"}]}]}