PortSwigger Web Academy: Stealing OAuth Tokens Via Open RedirectVulnerability Chaining for Account TakeoverNov 11, 2023Nov 11, 2023
PortSwigger Web Academy: Exploiting NoSQL Injection to Extract DataHello, World! This blog post will serve as a walkthrough of PortSwigger’s Web Academy new NoSQL Injections lab #3, “Exploiting NoSQL…Sep 29, 2023Sep 29, 2023
PortSwigger Web Academy: NoSQL Operator Injection Auth BypassHello, World! This blog post will serve as a walkthrough of PortSwigger’s Web Academy new NoSQL Injections lab #2, “Exploiting NoSQL…Sep 29, 2023Sep 29, 2023
PortSwigger Web Academy: Detecting NoSQL Injection LabHello, World! This blog post will serve as a walkthrough of PortSwigger’s Web Academy new NoSQL Injections labs, specifically lab #1…Sep 28, 2023Sep 28, 2023
Reducing the IFrame Attack SurfaceHow Browsers Can Protect Your Web Apps From Embedded ContentSep 11, 2023Sep 11, 2023
GHAST: GitHub Actions Security Analysis ToolScan Your GitHub Actions for Common Security Bad PracticesJul 25, 2023Jul 25, 2023
LINDDUN: Privacy Threat Modeling FrameworkIdentifying Privacy Threats in Your System DesignJul 9, 2023Jul 9, 2023