Offensive Security Cheatsheet - Haax
...PHP preg_match() # It is possible to bypass some functions like preg_match by injecting non-alphanumeric char # If the application uses eval() on the user input, the payload will still be executed # Application code...
https://cheatsheet.haax.fr/web-pentest/php-vulnerabilities/functions/
The Ultimate PHP Cheat Sheet: Tips, Tricks, and Hacks
...As a Senior PHP Developer who's been tinkering with code for ages, I've gathered some cool tips and tricks that will help make your coding life a bit easier....
https://sergheipogor.medium.com/the-ultimate-php-cheat-sheet-tips-tricks-and-hacks-736950d4f105
Offensive Security Cheatsheet
...Special thanks to @Maki for teaching many tricks, methods and for the Hugo theme, but also to @_ACKNAK_ for the cheatsheet basis I started from, some months ago....
https://cheatsheet.haax.fr/
Offensive Security Cheatsheet
...Create a content/_footer.md file to customize the footer content....
https://cheatsheet.haax.fr/web-pentest/php-vulnerabilities/
PHP RCE Cheat Sheet - Exploit Notes - HDKS
...PHP RCE Cheat Sheet Web Shell <%3fphp+system($_['cmd']);%3f> <%3fphp+echo+system($_['cmd']);%3f>...
https://exploit-notes.hdks.org/exploit/web/php-rce-cheat-sheet/
PHP Security Cheatsheet - GitHub
...All of the examples presented in this cheatsheet are for learning and experimentation purposes and are not meant to be used in a production system. Most of the techniques and countermeasures are already built-in in many modern web application frameworks and should be taken advantage of....
https://github.com/tolgadevsec/PHP-Security-Cheatsheet
PHP Security Code Review Cheat Sheet - AppSec Labs
...This reference guide serves as a comprehensive cheat sheet, a list of bad security practices to look for in your code, along with methods to verify or observe these behaviors on live systems....
https://appsec-labs.com/php-security-code-review-cheat-sheet-appsec-labs/
PHP Tricks - HackTricks
...In short, the problem happens because the preg_* functions in PHP build upon the PCRE library. In PCRE certain regular expressions are matched by using a lot of recursive calls, which uses up a lot of stack space....
https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-web/php-tricks-esp/index.html
Offensive Security Cheatsheet - Haax
...# Loose Comparison # In PHP, if "==" is used, then 2 strings beginning by "0e" and filled with numbers will always be equal # It means that you can use magic hashes (0exxxx...) to break the comparison # md5(240610708) = 0e462097431906509019562988736854 # So 0e == 240610708 ? true....
https://cheatsheet.haax.fr/web-pentest/php-vulnerabilities/type_juggling/
PHP Cheat Sheet (.PDF Version Included) | WebsiteSetup
...This PHP cheat sheet is both an introduction for beginners and a quick reference guide for advanced programmers. Bookmark it or download the free PDF now....
https://websitesetup.org/php-cheat-sheet/