Project for my fourth-year cybersecurity studies.
Project description: We will use a web application and modify the source code to introduce 10 different vulnerabilities. Then, we will…
Jun 3, 2023

File path traversal, traversal sequences blocked with absolute path bypass
The first step is to verify the functioning of the website. It’s an e-commerce site that offers several interesting products
Apr 4, 2023

File path traversal, simple case
The initial step is to examine how the website functions. It is an e-commerce website that features a number of interesting products. It is…
Apr 3, 2023

Lab: Username enumeration via response timing
First, what is username enumeration? Definition: An attacker can perform username enumeration by observing changes in a website’s behavior…
Apr 3, 2023

Stocker Machine - Hack The Box (HTB)
Stocker is a machine on the Hack The Box platform designed to test your penetration testing and exploit development skills. The ultimate…
Mar 18, 2023

Username enumeration via different responses PortSwigger: LAB-1
First, what is username enumeration? Definition: An attacker can perform username enumeration by observing changes in a website’s behavior…
Mar 16, 2023

OS Command Injection PortSwigger: LAB-3
In a previous blog post, I showcased a case of OS command injection from PortSwigger, specifically Blind OS command injection with time…
Mar 15, 2023

OS Command Injection PortSwigger: LAB-2
In a previous blog post, I showcased a simple case of OS command injection from PortSwigger. You can find the blog post here…
Mar 15, 2023

OS Command Injection PortSwigger: LAB-1
First, what is command injection? Definition: Command injection is a malicious technique used by attackers to execute arbitrary commands on…
Mar 15, 2023