Jay WanderyXML external entity (XXE) injectionIn todays writeup, i will dwell on yet another web vulnerability type from https://portswigger.net/web-security/xxe that allows the…Jun 7Jun 7
Jay WanderyRace Conditionsin this write up, i will briefly discuss what race conditions are and ways to mitigate them.May 18May 18
Jay WanderyFile upload vulnerabilities | PortswiggerHere, we will learn how simple file upload functionalities can be used as a powerful vector for a number of high-severity attacks.Apr 30Apr 30
Jay WanderyHTTP request smugglingHello Everyone, this is yet another continuation to the HTTP request smuggling smuggling. This writeup is meant to cover the advanced…Apr 21Apr 21
Jay WanderyHTTP Request SmugglingWelcome to another walk through on HTTP request smuggling as provided by https://portswigger.net/web-security/request-smugglingApr 12Apr 12
Jay WanderyNoSQL injectionNoSQL injection is a vulnerability where an attacker is able to interfere with the queries that an application makes to a NoSQL database…Jan 12Jan 12
Jay WanderyInsecure De-serializationSerialization is the process of converting complex data structures, such as objects and their fields, into a “flatter” format that can be…Jan 6Jan 6
Jay Wandery2FA Broken Logic | Authentication Vulnerabilities | PortswiggerIn this lab, the 2FA is vulnerable to a flawed logic.Sep 3, 2023Sep 3, 2023