mirror of https://github.com/0x5t4l1n/hunting.git synced 2026-05-26 19:36:33 +00:00

Files

T

History

copilot-swe-agent[bot] bc2ccbb10e Add XML injection, prompt injection, enhanced open redirect payloads, and contribution guidelines

Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com>

2026-01-04 19:33:07 +00:00

open-redirect-payloads.txt

Add XML injection, prompt injection, enhanced open redirect payloads, and contribution guidelines

2026-01-04 19:33:07 +00:00

README.md

Restructure repository: Remove OWASP categorization, organize by vulnerability type

2026-01-04 19:01:04 +00:00

README.md

Open Redirect

Description

Open redirect vulnerabilities occur when a web application accepts user-controlled input that specifies a link to an external site and uses that link in a redirect. This can be used for phishing attacks or to bypass security controls.

Common Attack Vectors

URL parameters (redirect, url, return, next)
Login/logout redirect parameters
OAuth callback URLs
Error page redirects

Testing Approach

Submit external URLs in redirect parameters to test if the application redirects to arbitrary external sites.

Payloads

See open-redirect-payloads.txt for a comprehensive list of open redirect payloads.