January 18, 2025

PortSwigger Academy

XXE Injection

Blind XXE with out of band interaction via XML Parameter Entities This lab has a "Check stock" feature that parses ...
Read More

SSRF

Basic SSRF Against Another IP Basic SSRF Against another IP #GOAL: This lab has a stock check feature which fetches ...
Read More

Information Disclosure

Information disclosure in error messages Goal: This lab's verbose error messages reveal that it is using a vulnerable version of ...
Read More

PortSwigger Authentication

2FA Broken Logic Goal: The lab's two factor authentication is vulnerable due to its flawed logic. To solve the lab, ...
Read More

SQL Injection Burp Academy

SQL Injection obtaining data from other tables The goal of this lab is to retrieve data from other tables using ...
Read More