1. Introduction welcome

1. Introduction In this HTB Academy assessment, our goal is to find and exploit an XSS vulnerability on a security blog. We need to do three things: Find a vulnerable input field (blind Xss). ...

Introduction The Darkly project serves as a foundational and practical initiation into the critical field of web application cybersecurity. The project is structured around a series of practic...

1. Introduction While learning about business logic vulnerabilities in PortSwigger’s labs, I came across an interesting exploit: bypassing access controls by manipulating email parsers. This bug fa...

Pentest (Mission 4) During testing of the file upload functionality on the target website, I discovered that uploading a DOCX document resulted in the disclosure of a victim ID associated with the ...

Containerizing Nginx with ModSecurity 1. Introduction What is ModSecurity? ModSecurity is a free and open-source Web Application Firewall (WAF) that began as an Apache module and has grown into a...