Introduction Lab 7 demonstrates a practical UNION-based SQL injection technique to determine how many columns an application query returns. Using Burp Suite to intercept and replay requests, the exercise shows how iterative injection with NULL values in a UNION SELECT…
Introduction This lab demonstrates a practical SQL injection attack against an Oracle-backed application. Using Burp Suite, I identified an injectable product category filter, confirmed the query structure with UNION-based payloads against the Oracle dual table, enumerated accessible tables and columns…
Introduction SQL Injection (SQLi) remains one of the most critical vulnerabilities in web applications. In this write-up, I walk through a hands-on attack methodology using Burp Suite to identify, exploit, and extract sensitive data from a vulnerable product category filter.…
Introduction: SQL injection (SQLi) is a major web vulnerability. This blog post breaks down four PortSwigger labs using Burp Suite to show how these attacks work. The goal is to demonstrate why developers must protect their applications by never trusting…
Introduction: SQL injection (SQLi) is a major web vulnerability. This blog post breaks down four PortSwigger labs using Burp Suite to show how these attacks work. The goal is to demonstrate why developers must protect their applications by never trusting…
Introduction: SQL injection (SQLi) is a major web vulnerability. This blog post breaks down four PortSwigger labs using Burp Suite to show how these attacks work. The goal is to demonstrate why developers must protect their applications by never trusting…
SQL injection (SQLi) is a major web vulnerability. This blog post breaks down four PortSwigger labs using Burp Suite to show how these attacks work. The goal is to demonstrate why developers must protect their applications by never trusting user…
1. Create an account on PortSwigger Web Security Academy by: 2. Explore the dashboard: Once logged in, you’ll be taken to your PortSwigger Web Security Academy dashboard. Here’s what i found: 3. Familiarize yourself with the platform: Products: API Scanner:…
Introduction FoxyProxy is a powerful and essential browser extension for anyone involved in web application security testing. It’s a time-saver that eliminates the need to manually configure your browser’s proxy settings every time you switch between normal browsing and using…
Introduction:Burp Suite, developed by PortSwigger, is a powerful and widely-used integrated platform for web application security testing. It’s an essential tool for professional penetration testers, security researchers, and bug bounty hunters. Burp Suite’s core function is to act as a…
