This blog delves into the advanced realm of Broken Access Control vulnerability, emphasizing Insecure Direct Object References and Multi-step processes lacking access control in a single step. Both vulnerabilities will undergo comprehensive examination through practical labs.
PortSwigger- Broken Access Control | Advanced Read More »
This blog delves into the recognition and utilization of “Horizontal Privilege Escalation,” a form of Broken Access Control vulnerability. Horizontal access controls are systems designed to limit access to resources to particular users. Through horizontal access controls, diverse users gain access to a subset of resources of a similar kind. If you’re interested in learning more about Broken Access Control, including another type known as vertical privilege escalation, check out our previous blog post titled “Vertical Access Control.”
PortSwigger- Broken Access Control | Horizontal Privilege Escalation Read More »
Hello folks, This blog focuses on the identification and exploitation of Broken Access Control vulnerability. We will be providing a detailed walkthrough of PortSwigger’s labs which you can access on the PortSwigger. We will be providing a detailed writeup covering this vulnerability in three categories. So in this blog, we will be covering the first
PortSwigger- Broken Access Control | Vertical Privilege Escalation Read More »
This blog explores how to detect and take advantage of DOM-based Cross-site Scripting (XSS) vulnerabilities found in websites that utilize third-party dependencies. It also analyzes these vulnerabilities in relation to reflected and stored XSS scenarios. Practical exercises will be carried out using the PortSwigger platform.
PortSwigger- Advanced DOM-based XSS Read More »
This blog centers on the identification and exploitation of DOM-based Cross-site Scripting (XSS) vulnerabilities present on websites. We’ll be honing our skills in detecting and leveraging these vulnerabilities using the PortSwigger platform.
PortSwigger- DOM-Based XSS Read More »
This blog emphasizes the identification and exploitation of Cross-site Scripting (XSS) vulnerabilities present on websites, specifically targeting two out of three types: Reflected XSS and Stored XSS. We will be actively practicing these vulnerabilities using the PortSwigger platform.
PortSwigger- Reflected & Stored Cross-site Scripting Read More »
This blog focuses on the identification and exploitation of Authentication vulnerability on web applications. We will be providing a detailed walkthrough of PortSwigger’s labs which you can access on the PortSwigger. We have three categories here on this website. So in this blog, we will be covering the third one which is ‘Vulnerabilities in other Authentication mechanisms’. You guys can check out ‘Vulnerabilities in Password-based login’ and ‘Vulnerabilities in Multi-factor Authentication’.
PortSwigger- Vulnerabilities in Other Authentication Mechanism Read More »
This blog focuses on the identification and exploitation of Authentication vulnerability on web applications. We will be providing a detailed walkthrough of PortSwigger’s labs which you can access on the PortSwigger website. We have three categories here on this website.
PortSwigger- Vulnerabilities in Multi-Factor Authentication Read More »
This blog focuses on the identification and exploitation of Authentication vulnerability. We will be providing a detailed walkthrough of PortSwigger’s labs which you can access on the PortSwigger website. We have three categories here on this website. So in this blog, we will be covering the first one which is ‘Vulnerabilities in password-based login’. Without any delay, let’s start our penetration testing process.
PortSwigger- Authentication Vulnerability- Password-Based Login Read More »
This blog centers on the identification and exploitation of Server Side Request Forgery (SSRF) vulnerability. We will be providing a detailed walkthrough of PortSwigger’s labs which you can access on the PortSwigger website. Without any delay, let’s start our penetration testing process.
PortSwigger – Server-Side Request Forgery (SSRF) Read More »
