appsec.fyi · Sources

invicti.com

16 curated AppSec resources from invicti.com across 11 topics on appsec.fyi.

Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-04-19.

Date Added | Year | Resource | Topic | Excerpt
2026-04-19 | 2026 | Broken Object-Level Authorization (BOLA): What It Is and How to Prevent It | API Sec | Broken Object-Level Authorization (BOLA): What It Is and How to Prevent It
2026-04-17 | 2026 | Code Execution via SSTI Ruby ERB (Invicti) | SSTI | Code Execution via SSTI Ruby ERB (Invicti)
2026-04-17 | 2026 | JWT Forgery via unvalidated jku parameter (Invicti) | JWT | JWT Forgery via unvalidated jku parameter (Invicti)
2026-04-16 | 2026 | Out-of-Band XML External Entity (OOB XXE) | XXE | Out-of-Band XML External Entity (OOB XXE)
2026-04-16 | 2026 | SQL Injection Cheat Sheet - Invicti | SQLi | SQL Injection Cheat Sheet - Invicti
2026-04-11 | 2026 | JWT Signature Bypass via unvalidated jku parameter | JWT | JWT Signature Bypass via unvalidated jku parameter
2026-04-11 | 2026 | JWT Signature Bypass via kid Path Traversal | JWT | JWT Signature Bypass via kid Path Traversal
2026-04-11 | 2026 | JWT Signature Bypass via kid SQL injection | JWT | JWT Signature Bypass via kid SQL injection
2026-04-11 | 2026 | OWASP Top 10 for LLMs 2025: Key Risks and Mitigation Strategies | AI | OWASP Top 10 for LLMs 2025: Key Risks and Mitigation Strategies
2026-04-10 | 2026 | Broken Access Control: How to Detect and Prevent | AuthZ | Broken Access Control: How to Detect and Prevent
2026-04-10 | 2026 | Preventing CSRF with the SameSite Cookie Attribute | CSRF | Preventing CSRF with the SameSite Cookie Attribute
2026-04-10 | 2026 | .NET JSON.NET Deserialization RCE | Deser | .NET JSON.NET Deserialization RCE
2026-04-10 | 2026 | Insecure Deserialization in Web Applications | Deser | Insecure Deserialization in Web Applications
2026-04-03 | 2026 | Rejetto HTTP File Server SSTI RCE (CVE-2024-23692) | Invicti | RCE | Rejetto HTTP File Server SSTI RCE (CVE-2024-23692) | Invicti
2026-04-03 | 2026 | Server-Side Request Forgery (SSRF) | Invicti | SSRF | Server-Side Request Forgery (SSRF) | Invicti
2025-08-14 | 2025 | Server-Side Request Forgery (SSRF) | SSRF | Server-Side Request Forgery (SSRF) is a security vulnerability where an attacker can manipulate a server into making unintended requests. This can lead to unauthorized access to internal systems, data leaks, or server exploitation. SSRF can be exploited through various methods like URL manipulation or exploiting insecure server configurations. To prevent SSRF attacks, it is crucial to validate and sanitize user input, restrict server access to sensitive resources, and implement secure coding practices. Regular security audits and updates are essential to identify and mitigate SSRF vulnerabilities to protect servers and data from exploitation.