Introduction Hello everyone, this is our 4th article focusing on business logic flaws. In this article, we will cover the lab “Inconsistent Security Controls” from PortSwigger Web Security. We will provide you with step-by-step practical … Read more
introduction So, we have started the PortSwigger web security series in which we are currently working on server-side vulnerabilities. Today, we are exploring the topic of exploiting XXE to perform SSRF attacks. In this lab, … Read more
Introduction So, this is our 6th lab where we are solving the official PortSwigger Web Security labs. Today, we will solve the “Exploiting Blind XXE to Retrieve Data via Error Messages” lab. Just like in … Read more
Information Hello guys, today in Blind XXE with out-of-band interaction via XML parameter entities we will solve the 4th lab of PortSwigger Web Security. As you know, we are exploring XML or XXE vulnerabilities in … Read more
Introduction This is our 5th article on XXE and XML injection. Today, we will solve the lab on exploiting blind XXE to exfiltrate data using a malicious external DTD. We will follow easy steps to … Read more
Introduction to XXE Attacks Before jumping into XXE attacks, you should know about XML (Extensible Markup Language). People use XML, a popular language for formatting data, for various purposes, ranging from web services (XML-RPC, SOAP, … Read more
The UNDP Internship and Volunteer Programme 2023 is now accepting applications. The United Nations Development Programme (UNDP) offers paid internships to master’s, graduate, and undergraduate candidates from all over the world. Students are given a … Read more
Current openings for Paid Internship By Nestle 2023. Nestle is giving brand-new applicants a fantastic opportunity to get experience and learn new skills for their future advantages. This programme for paid internships is available to … Read more
Internships By Bank of America has opportunities available today in the US, Canada, and Europe. For graduate students, Bank of America is providing an opportunity in the form of a summer internship that is compensated … Read more
Open now is the funded World Youth Festival (WYF) in Malaysia 2023. Applications for the World Youth Festival are encouraged from candidates with innovative business ideas. This programme is sponsored. The option to visit this … Read more
The Kotzen Scholarship for Simmons University is now available for 2023. A completely paid scholarship for an undergraduate degree in the USA is being offered by Simmons University. In practically all the major academic subjects, … Read more
Introduction This is our 5th article on Blind SSRF. In this lab, we will be solving the Blind SSRF with out-of-band detection lab. It is provided by PortSwigger Web Security for practice. Lab Description Lab … Read more
Introduction In this article, we are going to solve the Blind SSRF with Shell Shock Exploitation lab. This is our 7th lab or 6th article on server-side request forgery. Lab Description This lab contains analytics … Read more
Introduction In this article, we are going to solve the SSRF with whitelist-based input filter lab. This is part 6 of the SSRF series and the labs we are practicing on are from PortSwigger Web … Read more
In this article, we will cover Web shell upload via obfuscated file extension. This is the 5th part of our file upload vulnerabilities series. Lab description In this lab, we have a vulnerability in the … Read more
Introduction In this article, we will discuss file upload vulnerabilities and solve the PortSwigger Web Security Lab on remote code execution via polyglot web shell upload. Lab Description The lab contains a file upload function … Read more
Lab Description This is our 4th article on File Upload Vulnerabilities. Today we will learn(File upload vulnerabilities: Web shell upload via extension blacklist bypass) how to upload a web shell through the file upload functionality. … Read more
Introduction Web Shell upload via path traversal is a vulnerability that allows an attacker to upload their malicious shell into a web application through path traversal. In this type of attack, the attacker first identifies … Read more
Introduction Hello guys, how are you all? This is our second article about file upload vulnerabilities. In this article, we will upload a web shell via Content-type restriction bypass. This means that in this lab … Read more
In this article, we are exploring file upload vulnerabilities from basic to advanced levels, including theoretical concepts and practical examples of seven PortSwigger labs. File upload vulnerabilities are vulnerabilities found in web applications. Attackers can … Read more
