Category
Mental Checklists
Per-stack triage checklists — what to think about first when the stack is Python, PHP, JS / browser, or a multi-hop proxy chain.
0 categories
4 notes
Notes
4 totalWhen the Stack is JS / Browser
First-pass triage checklist for JS/browser targets — reparse sinks, prototype pollution, CSP bypass chains, and the key browser primitives.
web
javascript
checklist
methodology
When the Stack is PHP
First-pass triage checklist for PHP/Apache targets — .htaccess, serialized cookies, session files, native-code pivots, and procfs/libmagic/mt_rand.
web
php
checklist
methodology
When the Stack Includes Proxies or Multiple HTTP Hops
First-pass triage checklist for multi-hop/proxy targets — map topology first, then smuggling, host routing, and hidden SSRF surfaces.
web
proxy
http
checklist
methodology
When the Stack is Python
First-pass triage checklist for Python web targets — parser disagreement, cache/pickle, import hooks, and validation-vs-execution splits.
web
python
checklist
methodology