Burpsuite

root&beer
Cross-Site Request Forgery (CSRF/XSRF)
Cross-Site Request Forgery (CSRF) penetration testing guide covering token analysis, request forgery testing, and CSRF exploitation techniques. Learn how to identify vulnerable endpoints, create PoC attacks, and test CSRF protection mechanisms for web security assessments.
SQL Injection
SQL injection penetration testing guide covering union-based, boolean-based, time-based, and error-based SQL injection techniques using SQLMap and manual methods to exploit database vulnerabilities and extract sensitive data during security assessments.
Cross-Site Scripting (XSS)
Cross-Site Scripting (XSS) penetration testing guide covering reflected, stored, and DOM-based XSS vulnerabilities. Learn detection techniques, filter bypass methods, and exploitation using tools like XSSer, Dalfox, and manual testing for web application security assessments.
Jo2024: HackMyVM Walkthrough
A medium CTF challenge that demonstrates a PHP Cookie Serialization Attack via preferences.php, leading to a reverse shell. Discover how the .Xauthority file was exploited to capture sensitive data, and learn about privilege escalation techniques used to gain root access without a password.
Web Machine N7: Vulnhub Walkthrough
Vulnhub's Web Machine N7, labeled as a medium-difficulty box with a lot of directory enumeration and some use of sqlmap.
Matrix 2: Vulnhub Walkthrough
A walkthrough of VulnHub's Matrix: 2 box. It is an intermediate challenge with directory traversal, password cracking and steganography.