Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.bytejmp.com/llms.txt

Use this file to discover all available pages before exploring further.

Overview

Web security covers exploitation of vulnerabilities in web applications, from injection attacks and authentication bypasses to client-side exploits and API abuse. Quick reference for web engagements and CTFs focused on web application security.

What’s Inside

Injection

SQL injection, command injection, SSTI, and XXE, extraction and exploitation techniques.

Authentication

Broken auth, JWT attacks, OAuth misconfigurations, and session hijacking.

Client-Side

XSS, CSRF, CORS misconfigurations, and clickjacking.

API & Logic

API abuse, IDOR, broken object-level authorization, and business logic flaws.
Techniques documented for use in authorized environments only. CTF platforms, bug bounty programs, and applications with explicit permission to test.
This section is under active development. More techniques and pages are being added.