Lab 2: Stored XSS into HTML Context with Nothing Encoded
Vulnerability Type: Stored Cross-Site Scripting (XSS) Attack Vector The vulnerable application stores…
Lab 8: SQL injection UNION attack, finding a column containing text
Methodology Conclusion This lab highlights how a simple marker string can reveal…
Lab 10: SQL Injection UNION Attack (Retrieving Multiple Values in a Single Column)
Attack Vector Used Exploitation Steps Mitigation Strategies Conclusion This lab demonstrates how…
Lab 9: SQL Injection UNION Attack (Retrieving Data from Other Tables)
Attack Vector Used Exploitation Steps Mitigation Strategies Conclusion This lab demonstrates how…
Lab 8: SQL injection UNION attack, finding a column containing text
Introduction Lab 8 demonstrates a UNION-based SQL injection technique to identify which…
Lab 7: SQL injection UNION attack, determining the number of columns returned by the query
Introduction Lab 7 demonstrates a practical UNION-based SQL injection technique to determine…
Lab 6: SQL injection attack, listing the database contents on Oracle
Introduction This lab demonstrates a practical SQL injection attack against an Oracle-backed…
