🛠️ Hacker Resource Guide

Click any vulnerability to explore payloads, techniques, and examples.

SQL Injection

Inject malicious SQL queries to manipulate databases.

/sql-injection

XSS (Cross-Site Scripting)

Inject scripts into web pages viewed by others.

/xss

CSRF (Cross-Site Request Forgery)

Forge requests on behalf of authenticated users.

/csrf

RCE (Remote Code Execution)

Execute arbitrary code on a remote machine.

/rce

LFI (Local File Inclusion)

Include arbitrary files from the local file system.

/file-inclusion

IDOR (Insecure Direct Object Reference)

Access unauthorized resources by modifying object references.

/idor

SSRF (Server-Side Request Forgery)

Trick server into making requests to internal resources.

/ssrf

Clickjacking

Trick users into clicking hidden UI elements.

/clickjacking

Open Redirect

Redirect users to untrusted locations using manipulated URLs.

/open-redirect