Write-up: Flawed enforcement of business rules | 2024This write-up is my approach to solving the “Flawed enforcement of business rules” lab on PortSwigger’s WebSecurity Academy.Jun 6Jun 6
Write-up: Inconsistent security controls | 2024This write-up is my approach to solving the “Inconsistent security controls” lab on PortSwigger’s WebSecurity Academy.Jun 6Jun 6
Write-up: High-level logic vulnerability | 2024This write-up is my approach to solving the “High-level logic vulnerability” lab on PortSwigger’s WebSecurity Academy.Jun 6Jun 6
Write-up: 2FA broken logic | 2024This write-up is my approach to solving the “2FA broken logic” lab on PortSwigger’s WebSecurity Academy.Jun 4Jun 4
Write-up: Excessive trust in client-side controls | 2024This write-up is my approach to solving the “Excessive trust in client-side controls” lab on PortSwigger’s WebSecurity Academy.Jun 4Jun 4
Write-up: Multistep clickjacking | 2024This write-up is my approach to solving the “Multistep clickjacking” lab on PortSwigger’s WebSecurity Academy.Jun 4Jun 4
Write-up: Exploiting clickjacking vulnerability to trigger DOM-based XSS | 2024This write-up is my approach to solving the “Exploiting clickjacking vulnerability to trigger DOM-based XSS” lab on PortSwigger’s…Jun 4Jun 4
Write-up: CSRF where token validation depends on request method | 2024This write-up is my approach to solving the “CSRF where token validation depends on request method” lab on PortSwigger’s WebSecurity…Jun 4Jun 4
Write-up: CSRF vulnerability with no defenses | 2024This write-up is my approach to solving the “CSRF vulnerability with no defenses” lab on PortSwigger’s WebSecurity Academy.Jun 4Jun 4
Write-up: Reflected XSS into attribute with angle brackets HTML-encoded | 2024This write-up is my approach to solving the “Reflected XSS into attribute with angle brackets HTML-encoded” lab on PortSwigger’s…Jun 3Jun 3
