Aitorgg02

Aitorgg02

CyberSecurity and Web Developer

CTF

Portswigger

portswigger

Nombre Categoría Dificultad Publicado  
DOM XSS in document.write sink using source location.search XSS Apprentice 31/08/2022 Writeup
DOM XSS in jQuery anchor href attribute sink using location.search XSS Apprentice 31/08/2022 Writeup
DOM XSS in jQuery selector sink using a hashchange event XSS Apprentice 31/08/2022 Writeup
DOM XSS in innerHTML sink using source location.search XSS Apprentice 31/08/2022 Writeup
Reflected XSS into HTML context with nothing encoded XSS Apprentice 31/08/2022 Writeup
Stored XSS into HTML context with nothing encoded XSS Apprentice 31/08/2022 Writeup
Username enumeration via subtly different responses Authentication Practitioner 01/09/2022 Writeup
Username enumeration via different responses Authentication Apprentice 01/09/2022 Writeup
Password reset broken logic Authentication Apprentice 02/09/2022 Writeup
2FA simple bypass Authentication Apprentice 02/09/2022 Writeup
Reflected XSS into a JavaScript string with angle brackets HTML-encoded XSS Apprentice 03/09/2022 Writeup
SQL Injection vulnerability allowing login bypass SQL Injection Apprentice 03/09/2022 Writeup
SQL Injection vulnerability WHERE clause allowing retrieval of hidden data SQL Injection Apprentice 03/09/2022 Writeup
Stored XSS into anchor href attribute with double quotes HTML-encoded XSS Apprentice 04/09/2022 Writeup
Reflected DOM XSS XSS Practitioner 04/09/2022 Writeup
Stored DOM XSS XSS Practitioner 04/09/2022 Writeup
DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded XSS Practitioner 05/09/2022 Writeup
DOM XSS in document.write sink using using source location.search inside a select element XSS Practitioner 05/09/2022 Writeup
Manipulating WebSocket messages to exploit vulnerabilities WebSocket Apprentice 05/09/2022 Writeup
Reflected XSS into attribute with angle brackets HTML-encoded XSS Apprentice 05/09/2022 Writeup
CSRF vulnerability with no defenses CSRF Apprentice 07/09/2022 Writeup
Reflected XSS into a JavaScript string with single quote and backslash escaped XSS Practitioner 07/09/2022 Writeup
Blind OS Command Injection with output redirection OS Command Injection Practitioner 08/09/2022 Writeup
Blind OS Command Injection with out-of-band interaction OS Command Injection Practitioner 08/09/2022 Writeup
Blind OS Command Injection with time delays OS Command Injection Practitioner 08/09/2022 Writeup
OS Command Injection, simple case OS Command Injection Apprentice 08/09/2022 Writeup
Unprotected admin functionality Access control vulnerabilities Apprentice 03/10/2022 Writeup
Unprotected admin functionality with unpredectible URL Access control vulnerabilities Apprentice 03/10/2022 Writeup
User role controlled by request parameter Access control vulnerabilities Apprentice 03/10/2022 Writeup