From d69b26e70638b84c28b977f9ce95e7821fa80de3 Mon Sep 17 00:00:00 2001
From: whx <stefan@stefan.works>
Date: Mon, 6 Feb 2023 19:20:39 +0100
Subject: [PATCH] bump

---
 Enumeration/References.md           | 7 ++++++-
 Exploits/References.md              | 6 ++++++
 Exploits/Web/Bypass HTTP Filters.md | 5 +++++
 3 files changed, 17 insertions(+), 1 deletion(-)
 create mode 100644 Exploits/Web/Bypass HTTP Filters.md

diff --git a/Enumeration/References.md b/Enumeration/References.md
index 3d4ba67..030e2a3 100644
--- a/Enumeration/References.md
+++ b/Enumeration/References.md
@@ -28,7 +28,8 @@
 
 ### CMS
 
-[Typo3Scan](https://github.com/whoot/Typo3Scan.git)
+* [CMSmap](https://github.com/Dionach/CMSmap) enumeration of the most popular CMSs
+* [Typo3Scan](https://github.com/whoot/Typo3Scan.git)
 
 ## Domain Enumeration
 
@@ -37,6 +38,10 @@
 [gobuster](https://github.com/OJ/gobuster.git)
 [RustScan](https://github.com/RustScan/RustScan.git)
 
+## Parameteter Enumeration
+
+* [Arjun](https://github.com/s0md3v/Arjun.git)
+
 ## SMB Enumeration
 
 [ShawnDEvans' smbmap](https://github.com/ShawnDEvans/smbmap.git)
diff --git a/Exploits/References.md b/Exploits/References.md
index 9b70566..77d2b52 100644
--- a/Exploits/References.md
+++ b/Exploits/References.md
@@ -60,3 +60,9 @@
 
 [PowerSploit](https://github.com/PowerShellMafia/PowerSploit.git)
 [nishang](https://github.com/samratashok/nishang.git)
+
+# Exploits
+
+## Web
+
+* [Grafana LFI <= 8.2.0](https://github.com/pedrohavay/exploit-grafana-CVE-2021-43798.git)
diff --git a/Exploits/Web/Bypass HTTP Filters.md b/Exploits/Web/Bypass HTTP Filters.md
new file mode 100644
index 0000000..a1f7997
--- /dev/null
+++ b/Exploits/Web/Bypass HTTP Filters.md	
@@ -0,0 +1,5 @@
+# Bypass HTTP Filters
+
+## Double Encode URL Parameters
+
+Double encoding URL parameters via URL encoding sometimes bypasses the WAF