File upload

File upload testing.

Tools:

• Malicious PDF generator can be useful for creating malicious PDFs.

• canary token can also be used for generating PDFs which will notify if any interactions happens.

YesWeHack File upload series:

I think it's one of the best written 2 part series for testing file upload functionalities

1. https://blog.yeswehack.com/yeswerhackers/exploitation/file-upload-attacks-part-1/

2. https://blog.yeswehack.com/yeswerhackers/file-upload-attacks-part-2/