yaklang.io Project

hack

sqli-sql-injection

code-obfuscation-deobfuscation

xss-cross-site-scripting

ssrf-server-side-request-forgery

api-sec

api-recon-and-docs

recon-and-methodology

android-pentesting-tricks

api-auth-and-jwt-abuse

recon-for-sec

jwt-oauth-token-attacks

websocket-security

authbypass-authentication-flaws

waf-bypass-techniques

auth-sec

injection-checking

business-logic-vulnerabilities

idor-broken-object-authorization

401-403-bypass-techniques

oauth-oidc-misconfiguration

api-authorization-and-bola

heap-exploitation

csrf-cross-site-request-forgery

business-logic-vuln

cors-cross-origin-misconfiguration

path-traversal-lfi

traffic-analysis-pcap

cmdi-command-injection

file-access-vuln

deserialization-insecure

format-string-exploitation

graphql-and-hidden-parameters

crlf-injection

insecure-source-code-management

browser-exploitation-v8

prototype-pollution

xslt-injection

type-juggling

http-host-header-attacks

active-directory-kerberos-attacks

hash-attack-techniques

mobile-ssl-pinning-bypass

email-header-injection

linux-lateral-movement

ai-ml-security

dns-rebinding-attacks

classical-cipher-analysis

symmetric-cipher-attacks

ntlm-relay-coercion