Repository files navigation
π Labs
SQL injection vulnerability in WHERE clause allowing retrieval of hidden data -> write up SQL injection vulnerability in WHERE clause allowing retrieval of hidden data -> write up SQL SQL injection attack, querying the database type and version on Oracle -> write up SQL injection attack, querying the database type and version on MySQL and Microsoft -> write up SQL injection attack, listing the database contents on non-Oracle databases -> write up SQL injection attack, listing the database contents on Oracle -> write up SQL injection UNION attack, determining the number of columns returned by the query -> write up SQL injection UNION attack, finding a column containing text -> write up SQL injection UNION attack, retrieving data from other tables -> write up SQL injection UNION attack, retrieving multiple values in a single column -> write up Blind SQL injection with conditional responses -> write up Blind SQL injection with conditional errors -> write up Visible error-based SQL injection -> write up Blind SQL injection with time delays -> write up Blind SQL injection with time delays and information retrieval -> write up Blind SQL injection with out-of-band interaction -> write up Blind SQL injection with out-of-band data exfiltration -> write up SQL injection with filter bypass via XML encoding-> write up
π Labs
π Labs
π Labs
DOM-based vulnerabilities
π Labs
DOM-based vulnerabilities Lab1 -> write up DOM-based vulnerabilities Lab2 -> write up DOM-based vulnerabilities Lab3 -> write up DOM-based vulnerabilities Lab4 -> write up DOM-based vulnerabilities Lab5 -> write up DOM-based vulnerabilities Lab6-> write up DOM-based vulnerabilities Lab7 -> write up
π Labs
XML external entity (XXE) injection
π Labs
π Labs
π Labs
HTTP request smuggling Lab10 -> write up HTTP request smuggling Lab11 -> write up
π Labs
Server-side template injection
π Labs
Server-side template injection Lab1 -> write up Server-side template injection Lab2 -> write up Server-side template injection Lab3 -> write up Server-side template injection Lab4 -> write up Server-side template injection Lab5 -> write up Server-side template injection Lab6 -> write up Server-side template injection Lab7 -> write up
π Labs
Access control vulnerabilities
π Labs
Access control vulnerabilities Lab1 -> write up Access control vulnerabilities Lab2 -> write up Access control vulnerabilities Lab3 -> write up Access control vulnerabilities Lab4 -> write up Access control vulnerabilities Lab5 -> write up Access control vulnerabilities Lab6 -> write up Access control vulnerabilities Lab7 -> write up Access control vulnerabilities Lab8 -> write up Access control vulnerabilities Lab9 -> write up Access control vulnerabilities Lab10 -> write up Access control vulnerabilities Lab11 -> write up Access control vulnerabilities Lab12 -> write up
Authentication vulnerabilities
π Labs
Authentication vulnerabilities Lab1 -> write up Authentication vulnerabilities Lab2 -> write up Authentication vulnerabilities Lab3 -> write up Authentication vulnerabilities Lab4 -> write up Authentication vulnerabilities Lab5 -> write up Authentication vulnerabilities Lab6 -> write up Authentication vulnerabilities Lab7 -> write up Authentication vulnerabilities Lab8 -> write up Authentication vulnerabilities Lab9 -> write up Authentication vulnerabilities Lab10 -> write up Authentication vulnerabilities Lab11 -> write up Authentication vulnerabilities Lab12 -> write up Authentication vulnerabilities Lab13 -> write up Authentication vulnerabilities Lab14 -> write up
WebSockets vulnerabilities
π Labs
WebSockets vulnerabilities Lab1 -> write up WebSockets vulnerabilities Lab2 -> write up WebSockets vulnerabilities Lab3 -> write up
π Labs
Insecure deserialization Lab1 -> write up Insecure deserialization Lab2 -> write up Insecure deserialization Lab3 -> write up Insecure deserialization Lab4 -> write up Insecure deserialization Lab5 -> write up Insecure deserialization Lab6 -> write up Insecure deserialization Lab7 -> write up Insecure deserialization Lab8 -> write up Insecure deserialization Lab9 -> write up Insecure deserialization Lab10 -> write up
π Labs
Business logic vulnerabilities
π Labs
Business logic vulnerabilities Lab1 -> write up Business logic vulnerabilities Lab2 -> write up Business logic vulnerabilities Lab3 -> write up Business logic vulnerabilities Lab4 -> write up Business logic vulnerabilities Lab5 -> write up Business logic vulnerabilities Lab6 -> write up Business logic vulnerabilities Lab7 -> write up Business logic vulnerabilities Lab8 -> write up Business logic vulnerabilities Lab9 -> write up Business logic vulnerabilities Lab10 -> write up Business logic vulnerabilities Lab11 -> write up
π Labs
π Labs
π Labs
π Labs
About
A compendium of fundamental exploitation techniques from the PortSwigger Academy. Completed by members of the NTUT_is1ab team.
Resources
Stars
Watchers
Forks
You canβt perform that action at this time.