portswigger

Basic SSTI — Server-Side Template Injection | 2023
bez0x, January 24, 2023

Portswigger — Basic server-side template injection Solution. What is SSTI? Server-side template injection is a vulnerability where the attacker injects malicious inpu

HTTP Request Smuggling — Basic CL.TE vulnerability
bez0x, January 22, 2023

Portswigger HTTP Request Smuggling Solution | Karthikeyan Nagaraj. What is HTTP Smuggling? HTTP request smuggling is a technique for interfering with the way a website processes se

JWT authentication bypass via unverified signature
bez0x, January 18, 2023

Portswigger Lab Solution — JWT Authentication Bypass by Karthikeyan Nagaraj. Lab Link: Lab Description: This lab uses a JWT-based mechanism for handling sessions. Due to implement

Discovering vulnerabilities quickly with targeted scanning — Portswigger
bez0x, January 14, 2023

This lab contains a vulnerability that enables you to read arbitrary files from the server. To solv

DOM XSS Using Web Messages (Practitioner) — Portswigger Lab 1 | Solution and Approach
bez0x, December 26, 2022

Portswigger's DOM-Based Vulnerability Lab 1 Approach and Explanation. 1. What is the DOM? The Document Object Model (DOM) is a web browser’s hierarchical representation of

Write-up: Authentication bypass via encryption oracle
bez0x, December 20, 2022

This write-up for the lab Authentication bypass via encryption oracle is part of my walk-through series for PortSwigger’s Web Security Academy. Learning path: Server-side top
