0x5t4l1n/hunting
1
0
Fork 0
mirror of https://github.com/0x5t4l1n/hunting.git synced 2026-05-26 19:36:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
c63df0b008db7b55ce1108da20dbea67aa873ba6
hunting/Open-Redirect/README.md
T

17 lines
649 B
Markdown
Raw Blame History

# Open Redirect
## Description
Open redirect vulnerabilities occur when a web application accepts user-controlled input that specifies a link to an external site and uses that link in a redirect. This can be used for phishing attacks or to bypass security controls.
## Common Attack Vectors
- URL parameters (redirect, url, return, next)
- Login/logout redirect parameters
- OAuth callback URLs
- Error page redirects
## Testing Approach
Submit external URLs in redirect parameters to test if the application redirects to arbitrary external sites.
## Payloads
See `open-redirect-payloads.txt` for a comprehensive list of open redirect payloads.
Reference in New Issue View Git Blame Copy Permalink