From 384af43d4220eb93abe06668210c594923fb9a8c Mon Sep 17 00:00:00 2001
From: JJ
Date: Thu, 23 Nov 2023 19:35:03 -0800
Subject: meow

---
 ctf/web.md | 31 ++++++++++++++++++++++++++++---
 1 file changed, 28 insertions(+), 3 deletions(-)

(limited to 'ctf/web.md')

diff --git a/ctf/web.md b/ctf/web.md
index 3e40a62..09107d1 100644
--- a/ctf/web.md
+++ b/ctf/web.md
@@ -1,5 +1,30 @@
-# Web Security
-
-## Resources
+# web security
 
 - [websec.fr](https://websec.fr)
+
+## tooling
+
+- devtools
+- burp suite
+- mitmproxy
+- ???
+
+## common attacks
+
+### sqli: sql injection
+
+### xss: cross-site scripting
+
+### xxe: external entity injection
+
+### csrf: cross-site request forgery
+
+### ssrf: server-side request forgery
+
+### request smuggling
+
+### prototype pollution
+
+## common failures
+
+### trusting headers
-- 
cgit v1.2.3-70-g09d2