Cheatsheets

In-depth reference guides covering vulnerability theory, detection, exploitation, and defense — all in one page per topic.

cheatsheetApril 19, 2026#ssrf#cloud#filter-bypass

Server-Side Request Forgery (SSRF)

Complete breakdown of SSRF — where to look, types, protocols, filter bypass, cloud metadata, paths to RCE, defenses. Theory, methodology, cheat sheet.

cheatsheetApril 19, 2026#ssti#template-injection#rce

Server-Side Template Injection (SSTI)

Complete SSTI breakdown — detection, engine identification, sandbox escape, per-engine exploitation, blind SSTI, defense. Theory, methodology, cheatsheet.

cheatsheetApril 19, 2026#xxe#xml#dtd

XML External Entity (XXE)

Complete XXE breakdown — XML entities, DTD, all attack vectors, blind/error-based, bad character bypasses, defense by language. Theory, methodology, cheatsheet.