Introduction In this post, we’ll dissect a common Cross-Site Scripting (XSS) vulnerability where user input is reflected into an HTML attribute, but angle brackets (`<`, `>`) are HTML-encoded. This scenario is often encountered in web applications that attempt to sanitize…
Introduction: SQL injection (SQLi) is a major web vulnerability. This blog post breaks down four PortSwigger labs using Burp Suite to show how these attacks work. The goal is to demonstrate why developers must protect their applications by never trusting…
SQL injection (SQLi) is a major web vulnerability. This blog post breaks down four PortSwigger labs using Burp Suite to show how these attacks work. The goal is to demonstrate why developers must protect their applications by never trusting user…
1. Create an account on PortSwigger Web Security Academy by: 2. Explore the dashboard: Once logged in, you’ll be taken to your PortSwigger Web Security Academy dashboard. Here’s what i found: 3. Familiarize yourself with the platform: Products: API Scanner:…
An HTTP request is a message sent from a client (like a web browser) to a server to ask for a resource, like a web page or an image. The request contains several parts, including the HTTP request method, which…
Ransomware attacks have become a prevalent and concerning issue in today’s digital landscape. With the rise of technology, cybercriminals have found new ways to exploit vulnerabilities and hold individuals and organizations hostage for financial gain. In this blog post, we…
