What is this?
Pwn The Notes is a web security vulnerability knowledge library that systematically classifies over 100 web vulnerability classes into 13 categories. Unlike conventional cheat sheets or CVE lists, each topic is organized by structural mutation criteria: what is mutated, what mismatch results, and where that mismatch is exploited in an attack.
Each topic is an in-depth, structured reference document that covers the entire attack surface of a vulnerability class through a three-axis taxonomy (Mutation Target, Bypass/Mismatch Type, Attack Scenario).
Topics
Injection
| Category | Description |
|---|---|
| SQL Injection | SQL injection mutation vectors and filter bypass taxonomy |
| NoSQL Injection | NoSQL injection operators, syntax variations, and blind extraction |
| Command Injection | OS command injection chaining, filter evasion, and shell-specific mutations |
| XSS | Context-dependent Cross-Site Scripting payloads and filter bypasses |
| SSTI | Server-Side Template Injection in various template engines |
| EL Injection | Expression Language injection in Java EE / Spring ecosystem |
| XXE | XML External Entity injection, OOB exfiltration, and parser differentials |
| XPath Injection | Query injection mutation taxonomy on LDAP and XPath |
| Prototype Pollution | JavaScript prototype chain pollution vectors and gadget chains |
| GraphQL | GraphQL introspection abuse, batching attacks, and injection vectors |
| LaTeX Injection | LaTeX injection mutation vectors and document processing exploitation |
| Protocol-Level Injection | Protocol-level injection on SMTP, LDAP, and other wire protocols |
| XSLT Injection | Server-Side Includes, Edge Side Includes, and XSLT injection for RCE |
| ORM Misuse → SQL Injection | ORM query function misuse leading to SQL injection |
| CSV Formula Injection | Spreadsheet formula injection through CSV/Excel export functionality |
| CSS Injection | CSS-based data exfiltration and style injection attacks |
Authentication & Authorization
| Category | Description |
|---|---|
| Authentication Bypass & SSO | Authentication bypass patterns and Single Sign-On mechanisms |
| OAuth | OAuth 2.0 flow exploitation and token theft patterns |
| JWT | JSON Web Token algorithm confusion, key injection, and claim abuse |
| SAML | SAML assertion forgery, signature wrapping, and parser differentials |
| CORS Misconfiguration | Cross-Origin Resource Sharing misconfiguration exploitation patterns |
| BOLA | Broken Object Level Authorization and object reference manipulation |
| Account Takeover | Authentication bypass chains and account recovery exploitation |
| Mass Assignment | Parameter binding abuse and hidden field injection |
| Cryptographic Implementation Vulnerabilities | Implementation flaws in web-context cryptography and the bypass patterns they enable |