# WEB

- [Front-End](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/front-end.md)
- [Clickjacking](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/front-end/clickjacking.md)
- [Subresource Integrity (SRI) Bypass](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/front-end/subresource-integrity-sri-bypass.md)
- [Reflected XSS](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/front-end/reflected-xss.md)
- [Malvertising](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/front-end/malvertising.md)
- [HTML Injection](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/front-end/html-injection.md)
- [DOM based XSS](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/front-end/dom-based-xss.md)
- [DOM based Vulnerabilities](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/front-end/dom-based-vulnerabilities.md)
- [CSS Injection](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/front-end/css-injection.md)
- [Cross Origin Resource Sharing (CORS) Misconfiguration](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/front-end/cross-origin-resource-sharing-cors-misconfiguration.md)
- [Content Security Policy (CSP) Bypass](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/front-end/content-security-policy-csp-bypass.md)
- [Client side Prototype Pollution](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/front-end/client-side-prototype-pollution.md)
- [Back-End](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end.md)
- [Authentication](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/autenticacao.md)
- [Password Mismanagement](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/autenticacao/password-mismanagement.md)
- [Server Side Template Injection](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/autenticacao/server-side-template-injection.md)
- [JWT exploitation](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/autenticacao/jwt-exploitation.md)
- [OAuth Authentication](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/autenticacao/oauth-authentication.md)
- [Session Fixation](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/autenticacao/session-fixation.md)
- [Weak Session IDs](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/autenticacao/weak-session-ids.md)
- [APIs](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/apis.md)
- [Broken Function Level Authorization (BFLA)](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/apis/broken-function-level-authorization-bfla.md)
- [Broken Object Level Authorization (BOLA)](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/apis/broken-object-level-authorization-bola.md)
- [Broken User Authentication](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/apis/broken-user-authentication.md)
- [Command or Code Injection](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/apis/command-or-code-injection.md)
- [Excessive Data Exposure](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/apis/excessive-data-exposure.md)
- [GraphQL Injection](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/apis/graphql-injection.md)
- [Improper Inventory Management](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/apis/improper-inventory-management.md)
- [Lack of Resources & Rate Limiting](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/apis/lack-of-resources-and-rate-limiting.md)
- [Mass Assignment](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/apis/mass-assignment.md)
- [Security Misconfiguration](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/apis/security-misconfiguration.md)
- [Unrestricted Access to Business Flows](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/apis/unrestricted-access-to-business-flows.md)
- [Unsafe Consumption of APIs](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/apis/unsafe-consumption-of-apis.md)
- [Open Redirects](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/open-redirects.md)
- [OS Command Injection](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/os-command-injection.md)
- [Shell Shock](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/back-end/shell-shock.md)
- [Planning and Logic](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/planejamento-e-logica.md)
- [Broken Access Control](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/planejamento-e-logica/broken-access-control.md)
- [Directory Traversal](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/planejamento-e-logica/directory-traversal.md)
- [File Upload Vulnerabilities](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/planejamento-e-logica/file-upload-vulnerabilities.md)
- [Server Side (Web Infrastructure)](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/server-side-infraestrutura-web.md)
- [Cross Site Script Inclusion](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/server-side-infraestrutura-web/cross-site-script-inclusion.md)
- [Distributed Denial of Service Attacks](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/server-side-infraestrutura-web/distribuite-denial-of-service-attacks.md)
- [Host Header Injection](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/server-side-infraestrutura-web/host-header-injection.md)
- [Host Header Poisoning](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/server-side-infraestrutura-web/host-header-poisoning.md)
- [Lax Security Settings](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/server-side-infraestrutura-web/lax-security-settings.md)
- [Mass Assignment](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/server-side-infraestrutura-web/mass-assignment.md)
- [Race Condition](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/server-side-infraestrutura-web/race-condition.md)
- [Server Side Request Forgery](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/server-side-infraestrutura-web/server-side-request-forgery.md)
- [Web Cache Deception](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/server-side-infraestrutura-web/web-cache-deception.md)
- [Web Cache Poisoning](https://0xmorte.gitbook.io/bibliadopentestbr/tecnicas/web/server-side-infraestrutura-web/web-cache-poisoning.md)

