PortSwigger

Finding and exploiting an unused API endpoint

PortSwigger- Finding And Exploiting An Unused API Endpoint

All web applications use an Application Programming Interface (API) which is also vulnerable if exploited by an attacker. So as a penetration tester, we should know how to identify and exploit these API-related vulnerabilities. In this blog, we will understand the complete process which starts from identifying API endpoints, supported HTTP methods, and content types.

PortSwigger- Finding And Exploiting An Unused API Endpoint Read More »

Blind SQL Injection

PortSwigger- Blind-Based SQL Injection- I

In this blog, we will understand one of the most identifiable and difficult types of SQL Injection vulnerability. It is Blind SQL Injection. We will learn about the same using PortSwigger platform. Let’s begin the blog and understand the meaning of blind SQL injection vulnerability. Blind SQL injection vulnerabilities are those where we send a malicious SQL query to the server but we don’t receive any direct output in the response.

PortSwigger- Blind-Based SQL Injection- I Read More »

Examining the database using Union based SQL injection on PortSwigger

PortSwigger- Examining the Database using Union-based SQL Injection

Hello folks, This blog will be based on Examining the Database using Union-based SQL Injection vulnerabilities. We will understand how we can get the database version and information related to tables and columns present in the database. We will explore the same on the PortSwigger platform. We have discussed the basics of Union-based SQL injection

PortSwigger- Examining the Database using Union-based SQL Injection Read More »

Scroll to Top