β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦403 Forbidden Error Variations :
Like many other HTTP status codes, there are a lot of different variations for how this error code presents itself.
Here are some common variations that you might come across:
1οΈβ£βForbidden β You donβt have permission to access / on this serverβ
2οΈβ£ β403 β Forbidden: Access is deniedβ
3οΈβ£β403 β Forbidden Error β You are not allowed to access this addressβ
4οΈβ£β403 Forbidden β nginxβ (host)
5οΈβ£βHTTP Error 403 β Forbidden β You do not have permission to access the document or program you requestedβ
6οΈβ£β403 Forbidden β Access to this resource on the server is deniedβ
7οΈβ£β403. Thatβs an error. Your client does not have permission to get URL / from this serverβ
8οΈβ£βYou are not authorized to view this pageβ
8οΈβ£βIt appears you donβt have permission to access this page.β
If youβre on an Nginx server, it will look like this below. Basically, if you see any mention of βforbiddenβ or βnot allowed to accessβ, youβre probably dealing with a 403 Forbidden error.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦403 Forbidden Error Variations :
Like many other HTTP status codes, there are a lot of different variations for how this error code presents itself.
Here are some common variations that you might come across:
1οΈβ£βForbidden β You donβt have permission to access / on this serverβ
2οΈβ£ β403 β Forbidden: Access is deniedβ
3οΈβ£β403 β Forbidden Error β You are not allowed to access this addressβ
4οΈβ£β403 Forbidden β nginxβ (host)
5οΈβ£βHTTP Error 403 β Forbidden β You do not have permission to access the document or program you requestedβ
6οΈβ£β403 Forbidden β Access to this resource on the server is deniedβ
7οΈβ£β403. Thatβs an error. Your client does not have permission to get URL / from this serverβ
8οΈβ£βYou are not authorized to view this pageβ
8οΈβ£βIt appears you donβt have permission to access this page.β
If youβre on an Nginx server, it will look like this below. Basically, if you see any mention of βforbiddenβ or βnot allowed to accessβ, youβre probably dealing with a 403 Forbidden error.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Dns spy 2020 updated -Reverse engeneer :
Too much features :
1) Debug .NET Framework, .NET Core and Unity game assemblies, no source code required
2) Set breakpoints and step into any assembly
Locals, watch, autos windows
3) Variables windows support saving variables (eg. decrypted byte arrays) to disk or view them in the hex editor (memory window)
4) Object IDs
5) Multiple processes can be debugged at the same time
6) Break on module load
7) Tracepoints and conditional breakpoints
8) Export/import breakpoints and tracepoints
9) Call stack, threads, modules, processes windows
10) Break on thrown exceptions (1st chance)
11) Variables windows support evaluating C# / Visual Basic expressions
12) Dynamic modules can be debugged (but not dynamic methods due to CLR limitations)
13) Output window logs various debugging events, and it shows timestamps by default :)
14) Assemblies that decrypt themselves at runtime can be debugged, dnSpy will use the in-memory image. You can also force dnSpy to always use in-memory images instead of disk files.
15) Public API, you can write an extension or use the C# Interactive window to control the debugger
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone --recursive https://github.com/0xd4d/dnSpy.git
2οΈβ£cd dnSpy
# or dotnet build
3οΈβ£./build.ps1 -NoMsbuild
β git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Dns spy 2020 updated -Reverse engeneer :
Too much features :
1) Debug .NET Framework, .NET Core and Unity game assemblies, no source code required
2) Set breakpoints and step into any assembly
Locals, watch, autos windows
3) Variables windows support saving variables (eg. decrypted byte arrays) to disk or view them in the hex editor (memory window)
4) Object IDs
5) Multiple processes can be debugged at the same time
6) Break on module load
7) Tracepoints and conditional breakpoints
8) Export/import breakpoints and tracepoints
9) Call stack, threads, modules, processes windows
10) Break on thrown exceptions (1st chance)
11) Variables windows support evaluating C# / Visual Basic expressions
12) Dynamic modules can be debugged (but not dynamic methods due to CLR limitations)
13) Output window logs various debugging events, and it shows timestamps by default :)
14) Assemblies that decrypt themselves at runtime can be debugged, dnSpy will use the in-memory image. You can also force dnSpy to always use in-memory images instead of disk files.
15) Public API, you can write an extension or use the C# Interactive window to control the debugger
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone --recursive https://github.com/0xd4d/dnSpy.git
2οΈβ£cd dnSpy
# or dotnet build
3οΈβ£./build.ps1 -NoMsbuild
β git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
dnSpy/dnSpy
.NET debugger and assembly editor. Contribute to dnSpy/dnSpy development by creating an account on GitHub.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Popular Testing Methodes & tools 2020 for apps-servers :
#Javascript Tools
* [Retire.js](https://retirejs.github.io/retire.js)
#Popular Commercial Tools
* [Qualys Web Scanning](https://www.qualys.com/apps/web-app-scanning/)
* [IBM Security AppScan](https://www.ibm.com/security/application-security/appscan)
#XSS - Cross-Site Scripting
- [Cross-Site Scripting Γ’β¬β Application Security Γ’β¬β Google](https://www.google.com/intl/sw/about/appsecurity/learning/xss/) - Introduction to XSS by [Google](https://www.google.com/).
- [H5SC](https://github.com/cure53/H5SC) - HTML5 Security Cheatsheet - Collection of HTML5 related XSS attack vectors by [@cure53](https://github.com/cure53).
- [XSS.png](https://github.com/jackmasa/XSS.png) - XSS mind map by [@jackmasa](https://github.com/jackmasa).
- [EXCESS-XSS Guide](https://excess-xss.com/) - Comprehensive tutorial on cross-site scripting by [@JakobKallin](https://github.com/JakobKallin) and [Irene Lobo Valbuena](https://www.linkedin.com/in/irenelobovalbuena/).
β git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Popular Testing Methodes & tools 2020 for apps-servers :
#Javascript Tools
* [Retire.js](https://retirejs.github.io/retire.js)
#Popular Commercial Tools
* [Qualys Web Scanning](https://www.qualys.com/apps/web-app-scanning/)
* [IBM Security AppScan](https://www.ibm.com/security/application-security/appscan)
#XSS - Cross-Site Scripting
- [Cross-Site Scripting Γ’β¬β Application Security Γ’β¬β Google](https://www.google.com/intl/sw/about/appsecurity/learning/xss/) - Introduction to XSS by [Google](https://www.google.com/).
- [H5SC](https://github.com/cure53/H5SC) - HTML5 Security Cheatsheet - Collection of HTML5 related XSS attack vectors by [@cure53](https://github.com/cure53).
- [XSS.png](https://github.com/jackmasa/XSS.png) - XSS mind map by [@jackmasa](https://github.com/jackmasa).
- [EXCESS-XSS Guide](https://excess-xss.com/) - Comprehensive tutorial on cross-site scripting by [@JakobKallin](https://github.com/JakobKallin) and [Irene Lobo Valbuena](https://www.linkedin.com/in/irenelobovalbuena/).
β git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
retirejs.github.io
Retire.js
Retire.js : What you require you must also retire
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#SQL Injection for beginers best 2020 resources :
- [SQL Injection Cheat Sheet](https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/) - Written by [@netsparker](https://twitter.com/netsparker).
- [SQL Injection Wiki](https://sqlwiki.netspi.com/) - Written by [NETSPI](https://www.netspi.com/).
- [SQL Injection Pocket Reference](https://websec.ca/kb/sql_injection) -
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#SQL Injection for beginers best 2020 resources :
- [SQL Injection Cheat Sheet](https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/) - Written by [@netsparker](https://twitter.com/netsparker).
- [SQL Injection Wiki](https://sqlwiki.netspi.com/) - Written by [NETSPI](https://www.netspi.com/).
- [SQL Injection Pocket Reference](https://websec.ca/kb/sql_injection) -
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Invicti
SQL Injection Cheat Sheet
The Invicti SQL Injection Cheat Sheet is the definitive resource for payloads and technical details about exploiting many different variants of SQLi vulnerabilities.