Tag

websecurity

#websecurity

More content

Read more stories on Hashnode

Articles with this tag

Lab: Broken brute-force protection, multiple credentials per request

Nov 17, 20242 min read14 views

Lab Scenario: Our objective is to understand and exploit a web application's broken brute-force protection, where the login credentials are submitted...

Lab: Broken brute-force protection, multiple credentials per request

Lab: Exploiting XXE to perform SSRF attacks

Nov 8, 20242 min read6 views

Lab Scenario: Our mission is to exploit XXE through a web application's "Check stock" feature, ultimately performing SSRF attacks to access sensitive...

Lab: Exploiting XXE to perform SSRF attacks

Lab: HTTP request smuggling, basic TE.CL vulnerability

Aug 24, 20241 min read26 views

Lab Scenario: Our mission is to explore and exploit a simulated web application's vulnerability to HTTP request smuggling. We'll use the TE.CL...

Lab: HTTP request smuggling, basic TE.CL vulnerability

Lab: Exploiting XXE using external entities to retrieve files

Apr 29, 20242 min read35 views

Lab Scenario: Our mission is to exploit XXE through a web application's "Check stock" feature, specifically using external entities to retrieve files....

Lab: Exploiting XXE using external entities to retrieve files

Lab: Exploiting XInclude to retrieve files

Apr 16, 20242 min read12 views

Lab Scenario: Our mission is to exploit XInclude through a web application's "Check stock" feature. By intercepting and manipulating a POST request,...

Lab: Exploiting XInclude to retrieve files

Lab: SQL injection attack, listing the database contents on non-Oracle databases

Apr 8, 20243 min read24 views

In this educational guide, we will explore the practical application of Burp Suite to identify and exploit SQL injection vulnerabilities, highlighting...

Lab: SQL injection attack, listing the database contents on non-Oracle databases