mirror of https://github.com/0x5t4l1n/hunting.git synced 2026-05-26 11:35:51 +00:00

Files

T

copilot-swe-agent[bot] ba72efbc5e Restructure repository: Remove OWASP categorization, organize by vulnerability type

Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com>

2026-01-04 19:01:04 +00:00

649 B

Raw Permalink Blame History

Open Redirect

Description

Open redirect vulnerabilities occur when a web application accepts user-controlled input that specifies a link to an external site and uses that link in a redirect. This can be used for phishing attacks or to bypass security controls.

Common Attack Vectors

URL parameters (redirect, url, return, next)
Login/logout redirect parameters
OAuth callback URLs
Error page redirects

Testing Approach

Submit external URLs in redirect parameters to test if the application redirects to arbitrary external sites.

Payloads

See open-redirect-payloads.txt for a comprehensive list of open redirect payloads.

649 B Raw Permalink Blame History