Vulnerability Type: DOM-based Cross-Site Scripting (XSS) Attack Vector The vulnerable application dynamically writes user-controlled input from `location.search` (URL parameters) into the DOM using `document.write`, without proper sanitization. This allows an attacker to inject arbitrary JavaScript by breaking out of the…
Vulnerability Type: Reflected Cross-Site Scripting (XSS) Attack Vector The vulnerable application reflects user input directly into the HTML response without encoding or sanitization, allowing arbitrary JavaScript execution. The attack vector leverages a simple search functionality where the input is embedded…
Methodology Conclusion This lab highlights how a simple marker string can reveal which result column accepts and displays text — a small but crucial discovery that enables further data extraction. The takeaway for developers is straightforward: never trust input, and…
Attack Vector Used Exploitation Steps Mitigation Strategies Conclusion This lab demonstrates how a UNION-based SQL injection can bypass column limitations by concatenating data into a single text-compatible column. Always secure applications with defensive coding practices and layered protections.
Attack Vector Used Exploitation Steps Mitigation Strategies Conclusion This lab demonstrates how a UNION-based SQL injection can bypass filters and extract sensitive data. Always secure applications with proper coding practices and defensive measures.
Introduction Lab 8 demonstrates a UNION-based SQL injection technique to identify which column in a multi-column query can display text. Using Burp Suite Repeater, the exercise injects a known marker string into each column to discover the text-capable column for…
Introduction Lab 7 demonstrates a practical UNION-based SQL injection technique to determine how many columns an application query returns. Using Burp Suite to intercept and replay requests, the exercise shows how iterative injection with NULL values in a UNION SELECT…
Introduction This lab demonstrates a practical SQL injection attack against an Oracle-backed application. Using Burp Suite, I identified an injectable product category filter, confirmed the query structure with UNION-based payloads against the Oracle dual table, enumerated accessible tables and columns…
Introduction SQL Injection (SQLi) remains one of the most critical vulnerabilities in web applications. In this write-up, I walk through a hands-on attack methodology using Burp Suite to identify, exploit, and extract sensitive data from a vulnerable product category filter.…
Introduction: SQL injection (SQLi) is a major web vulnerability. This blog post breaks down four PortSwigger labs using Burp Suite to show how these attacks work. The goal is to demonstrate why developers must protect their applications by never trusting…
