mirror of https://github.com/0x5t4l1n/hunting.git synced 2026-05-26 11:35:51 +00:00

Files

T

copilot-swe-agent[bot] 68b76036df Add comprehensive payloads and 4 new vulnerability types (SSTI, HTTP Request Smuggling, CORS, JWT)

Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com>

2026-01-05 14:50:15 +00:00

README.md

Restructure repository: Remove OWASP categorization, organize by vulnerability type

2026-01-04 19:01:04 +00:00

weak-crypto-payloads.txt

Add comprehensive payloads and 4 new vulnerability types (SSTI, HTTP Request Smuggling, CORS, JWT)

2026-01-05 14:50:15 +00:00

README.md

Weak Cryptography

Description

Weak cryptography vulnerabilities occur when applications use outdated, weak, or improperly implemented cryptographic algorithms and protocols. This can lead to data exposure, man-in-the-middle attacks, and other security breaches.

Common Issues

Use of weak hashing algorithms (MD5, SHA1)
Weak encryption algorithms (DES, RC4)
Hardcoded cryptographic keys
Insufficient key lengths
Improper SSL/TLS configuration
Predictable random number generation

Testing Approach

Identify cryptographic implementations and test for weak algorithms, hardcoded secrets, and improper configurations.

Payloads

See weak-crypto-payloads.txt for a comprehensive list of weak cryptography indicators and test cases.