(Portswigger/WebAcademy) - DOM-Based Cross-Site Scripting (XSS)
Intro This post/writeup is all about the DOM-Based XSS Vulnerabilities. I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here as well. To lea...
(Portswigger/WebAcademy) - Stored Cross-Site Scripting (XSS)
Intro This post/writeup is all about the stored XSS Vulnerabilities. I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here as well. To learn ...
(Portswigger/WebAcademy) - DOM-based Vulnerabilities
Intro This post/writeup is all about the DOM-based Vulnerabilitiess. I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here as well. To learn ...
(Portswigger/WebAcademy) - Websockets
Intro This post/writeup is all about the insecure deserialization vulnerabilities. I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here as we...
(Portswigger/WebAcademy) - Insecure Deserialization vulnerabilities
Intro This post/writeup is all about the insecure deserialization vulnerabilities. I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here as we...
(Portswigger/WebAcademy) - Server-Side Template Injection vulnerabilities
Intro This post/writeup is all about the Clickjacking Vulnerabilities. I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here as well. To lear...
(Portswigger/WebAcademy) - Clickjacking vulnerabilities
Intro This post/writeup is all about the Clickjacking Vulnerabilities. I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here as well. To lear...
(Portswigger/WebAcademy) - OAuth 2.0 authentication vulnerabilities
Intro This post/writeup is all about the JWT Token Vulnerabilities. I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here as well. To learn m...
(Portswigger/WebAcademy) - JWT Token Vulnerabilities
Intro This post/writeup is all about the JWT Token Vulnerabilities. I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here as well. To learn m...
Vulnerable Lab by Tushar Kulkarni (@roottusk) - vAPI (writeup)
Intro This post is all about the vapi which is hosted on github and it has been created by Tushar Kulkarni. The Plan This vulnerable API has no Frontend like e.g., craPI, so i’ll just take docu...
Vulnerable Lab by OWASP - crAPI (Writeup)
Intro This post is all about the crAPI which is OWASP’s vulnerable web API application. It has few challenges across all TOP 10 API Vulnerabilities. In total 15 challenges/vulnerabilities and 2 sec...
(Portswigger/WebAcademy) - Cross-Origin Resource Sharing (CORS)
Intro This post/writeup is all about the Cross-Origin Resource Sharing or simply CORS. I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here a...
(Portswigger/WebAcademy) - Cross-Site Request Forgery (CSRF)
Intro This post/writeup is all about the Cross-Site Request Forgery. I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here as well. To learn ...
(Portswigger/WebAcademy) - Web Cache Poisoning (Unkeyed Inputs)
Intro This post/writeup is all about the Web Cache Poisoning. I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here as well. To learn more on...
(Portswigger/WebAcademy) - XXE Injection
Intro This post/writeup is all about the XXE Injection. I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here as well. What can we do with XX...
(Portswigger/WebAcademy) - Server-side request forgery (SSRF)
Intro This post/writeup is all about the Server-side request forgery (SSRF). I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here as well. T...
File Upload Vulnerabilities
Intro This post/writeup is all about the File Upload Vulnerabilities. I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here as well. TOC I...
Broken Access Control
Intro This post/writeup is all about the Broken access control. I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here as well. Information di...
Information Disclosure
Intro This post/writeup is all about the Bussines Logic Vulnerabilities. I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here as well. Infor...
Business Logic Vulnerabilities
Intro This post/writeup is all about the Business Logic Vulnerabilities. I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here as well. Busin...
(Portswigger/WebAcademy) - Reflected Cross-Site Scripting (XSS)
Intro This post is dedicated to XSS related Labs at Portswigger Web Academy TOC Intro TOC Finding a XSS Reflected XSS into HTML context with nothing encoded Reflected ...
OS Command Injection
Intro This post/writeup is all about the OS Command Injection vulnerabilities. I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here as well. ...
Directory Traversal
Intro This post/writeup is all about the Directory Traversal vulnerabilities. I’ll be using primarily Portswigger Web Academy Labs, but i do intent do throw other labs and writeups here as well. ...
Vulnerable Password Reset
Intro This post/writeup is all about the Authentication vulnerabilities or Broken Authentication if we follow OWASP naming scheme. I’ll be using primarily Portswigger Web Academy Labs, but i do in...
Vulnerable Username-Password Authentication
Intro This post/writeup is all about the Authentication vulnerabilities or Broken Authentication if we follow OWASP naming scheme. I’ll be using primarily Portswigger Web Academy Labs, but i do in...
Multi-Factor Authentication (MFA)
Intro This post/writeup is all about the Authentication vulnerabilities or Broken Authentication if we follow OWASP naming scheme. I’ll be using primarily Portswigger Web Academy Labs, but i do in...
Other vulnerable Authentication Mechanismus
Intro This post/writeup is all about the Authentication vulnerabilities or Broken Authentication if we follow OWASP naming scheme. I’ll be using primarily Portswigger Web Academy Labs, but i do in...
Blind SQL Injection
Intro Lab at portswigger: Blind SQL Injection TOC Intro TOC Blind SQL injection with conditional responses Intro Finding the SQL Injection Database Enumeration ...