Didn't know about this one, ty!
Yeah, a lot of fuzzing is needed, I'll keep fuzzing some more tonight but yea I've tried setting headers too, urlencoding, unicode chars, etc.
Do you know why we have this within your URL? It's due to URLEncoding. I faced this same issue while fetching from an API: I got an error when I searched a query with spaces, which breaks the URL.
Fix was to use the encodeURIComponent method on the query parameter and it worked!
3/30
Solving SQLi, Path traversal and other vulnerabilities on portswigger is cool
but trying to exploit the same vulnerability on bwapp on level 2 difficulty is crazy as hell
Can anyone help me with bypassing this in a different way other than URLencoding?
How cursed HTTP is, part 13
Today I learned that there are 100500 different variants of URLEncoding, and all of them are semi-compatible with each other
My favorite:
The Rust ecosystem has percent-encoding, which, obviously, encodes special characters as %byte ( )...
I'll go one step further: POST for every dynamic route!
• For params you can use request body JSON (instead of awkwardly urlencoding query params)
• No need to worry about caching intermediaries, it's often more trouble than it's worth
Totally agree. GET vs POST have meaningful behaviour differences in browsers. Use GET for stuff without side-effects, otherwise use POST.
The other verbs? Nah. I've always found it easier to be expressive in the URL than the HTTP verb.
friend came to me today asking if it was possible to fuzz with ffuf without urlencoding. url was /api/..\..\..\..\FUZZ - unfortunately we did not find a way to make ffuf not url encode this. solution was to use wfuzz which does not url encode. wfuzz.readthedocs.io/en/late…
Yes, still testing :)
To be fair, credit must go to @WickedCapsie who originally introduced the partial urlencoding technique in #DUSK. Urlencoding is a clever hack that saves a lot of space. The standard and safest way is base64 encoding (originally introduced by @EgonFX).
My head was about to explode and I wasted a whole day just because I picked the wrong encoder mode: UrlEncoding vs StdEncoding -- all to match the output of JavaScript's btoa() 🤦‍♂️
pkg.go.dev/encoding/base64
Bleak.
Three days troubleshooting a service connector before I noticed someone had decided that URLEncoding the password value in the connection request was a good idea.
Heard some hackers in the space (mainly @hakluke) talking about espanso lately. Finally got the chance to sit down and install it and configure some stuff. Game changer. Also, if you all encode/decode base64 and urlencoding as much as I do, I'd recommend you make a hotkey for it.
New version of Hackvertor allows you to create custom tags in Java & Groovy. JavaScript is also supported on mac. Jwt tag is back. There is now the concept of local and global variable tags that can be shared across instances. Burp font size is now respected. Fixed urlencoding bug