PortSwigger - Exploiting An API Endpoint Using Documentation
This blog will focus on API Testing where we will learn about APIs and their vulnerabilities using the PortSwigger platform. All websites consist of the API and...
This lab focuses on the identification and exploitation of the HTTP Host header vulnerability. We will understand this vulnerability and then see how we can perform...
Hello Folks, This blog focuses on the HTTP Host Header vulnerability. We will cover the basics of the HTTP Host header and then we will see...
Hello Folks, In this blog, we are going to solve a challenge that will test our client-side exploitation skills. The name of this challenge is...
Hello Folks, In this blog, we are going to discuss as well as solve another easy machine of the HackTheBox platform named “BoardLight”. This machine...
Hello folks, In this blog post, we will explore some other techniques to identify and exploit SQL Injection vulnerabilities. We will use PortSwigger’s platform to...
In this blog post, we'll explore the Blind SQL Injection vulnerability by inducing time delays and utilizing out-of-band requests to gain a deeper understanding. Here,...
In this blog, we will understand one of the most identifiable and difficult types of SQL Injection vulnerability. It is Blind SQL Injection. We will...
Hello folks, This blog will be based on Examining the Database using Union-based SQL Injection vulnerabilities. We will understand how we can get the database...
This blog delves into SQL Injection, a highly significant vulnerability. We'll explore various types of SQL Injection and learn how to detect and leverage them...
This blog offers a step-by-step guide for navigating through the recently introduced machine, "Clocky," on TryHackMe. Classified as a Medium-level challenge, it aims to familiarize...
This blog delves into the advanced realm of Broken Access Control vulnerability, emphasizing Insecure Direct Object References and Multi-step processes lacking access control in a...