#python #bounty #bugbounty #bypass #cheatsheet #enumeration #hacking #hacktoberfest #methodology #payload #payloads #penetration_testing #pentest #privilege_escalation #redteam #security #vulnerability #web_application
Payloads All The Things is a comprehensive collection of useful payloads and bypass techniques for web application security testing and penetration testing. It offers detailed documentation for each vulnerability, including how to exploit it and ready-to-use payloads, plus files for tools like Burp Intruder. You can contribute your own payloads or improvements, making it a collaborative resource. It also links to related projects for internal network and hardware pentesting, and provides learning resources like books and videos. Using this resource helps you efficiently find and test security weaknesses in web applications, improving your pentesting effectiveness and knowledge.
https://github.com/swisskyrepo/PayloadsAllTheThings
https://pypi.python.org/pypi/oauthlib
A generic, spec-compliant, thorough implementation of the #OAuth request-signing logic for Python
OAuth often seems complicated and difficult to implement. There are several prominent libraries for handling OAuth requests, but they all suffer from one or both of the following:
They predate the OAuth 1.0 spec, AKA RFC 5849.
They predate the OAuth 2.0 spec, AKA RFC 6749.
They assume the usage of a specific HTTP request library.
OAuthLib is a generic utility which implements the logic of OAuth without assuming a specific HTTP request object or web framework. Use it to graft OAuth client support onto your favorite HTTP library, or to add OAuth support to your favorite web framework. If you’re a maintainer of such a library, write a thin veneer on top of OAuthLib and get OAuth support for very little effort.
https://aaronparecki.com/2012/07/29/2/oauth2-simplified#others
OAuth 2 Simplified
Sun, Jul 29, 2012 9:30am -07:00
Many services such as #Facebook, #Github, and #Google have already deployed OAuth 2 servers, and deployed implementations win.
The #OAuth 2 spec itself leaves many decisions up to the implementor. Instead of describing all possible decisions that need to be made to successfully implement OAuth 2, this post makes decisions that are appropriate for most implementations.
This post is an attempt to describe OAuth 2 in a simplified format to help developers and service providers implement the protocol.