Nova Experience

Top 20 Linux commands for Hackers 2023

  • Post category: Blogs/Cyber Security/KaliLinux

In this article we are going to explore Top 20 Linux commands for Hackers 2023. 1: The OS type: uname -o. The first command, uname -o, displays the type of…

Manipulating WebSocket messages to exploit vulnerabilities

  • Post category: Blogs/Cyber Security/KaliLinux

Introduction to WebSocket Vulnerabilities: First of all, let's try to understand what WebSockets are and how they are used in modern web applications, which establish long-lived connections. Along with this,…

Manipulating the WebSocket handshake to exploit vulnerabilities

  • Post category: Blogs/Cyber Security/KaliLinux

Introduction: So guys, how are you all? Today we are writing an article on WebSocket vulnerabilities. This is our second article on WebSocket vulnerabilities. In this article, we will cover the…

SSRF with whitelist-based input filter | Web Security

  • Post category: Blogs/Cyber Security/KaliLinux

Introduction: In this article, we are going to solve the SSRF with whitelist-based input filter lab. This is part 6 of the SSRF series and the labs we are practicing…

Web shell upload via extension blacklist bypass

  • Post category: Blogs/Cyber Security/KaliLinux

Lab Description: This is our 4th article on File Upload Vulnerabilities. Today we will learn (File upload vulnerabilities: Web shell upload via extension blacklist bypass) how to upload a web shell…

Web shell upload via Content-Type restriction bypass

  • Post category: Blogs/Cyber Security/KaliLinux

Introduction: Hello guys, how are you all? This is our second article about file upload vulnerabilities. In this article, we will upload a web shell via Content-Type restriction bypass. This…

Publicly Accessible Localhost Service Free Cloud Service

  • Post category: Cyber Security/KaliLinux

Hello there, Masaud here. Today we will not talk about ngrok at all. In this article, I am going to teach you a completely new and unique method. After learning…
