PHP execution model, dangerous functions, unsafe defaults, and why PHP apps are a prime attack surface.
Reference table covering every major PHP vulnerability class with severity, sink, and impact.
SQLi in PHP: UNION, error-based, blind, time-based, second-order, INTO OUTFILE to RCE.
Path traversal, php://filter wrappers, log poisoning, null byte bypass, RFI to RCE.
Magic methods, POP chain construction, PHPGGC gadget chains for Laravel, Symfony and more.
== vs ===, magic hashes, 0e collisions, strcmp bypass, in_array and switch juggling.
eval, assert, system, exec, preg_replace /e, disable_functions bypass techniques.
Reflected, stored, DOM XSS. Context-aware injection, htmlspecialchars bypass, CSP bypass.
curl/file_get_contents with user URLs, cloud metadata endpoints, Gopher protocol, DNS rebinding.