The following is my documentation on PortSwigger’s Academy labs. End goal: Perform a cross-site scripting attack that breaks out of the JavaScript string and calls the alert function Remember when we did this? Well this lab has accounted for our previous method of calling the alert function by placing our search queries into a JavaScript […]
Stored XSS into anchor href attribute with double quotes HTML-encoded
The following is my documentation on PortSwigger’s Academy labs. End Goal: Submit a comment that calls the alert function when the author name is clicked In our last lab, we called an alert function by injecting our payload into a search bar. Our “end goal” already alluded that we are likely going to take advantage […]
Reflected XSS into attribute with angle brackets HTML-encoded
The following is my documentation on PortSwigger’s Academy labs. Goal: Perform a cross-site scripting attack that injects an attribute and calls the “alert” function This was, overall, a simple and quick lab, but one that highlights why certain prevention methods are super important. We’ll begin, by taking a look at the website and then popping […]
DOM XSS in jQuery selector sink using a hashchange event
The following is my documentation on Portswigger’s Academy labs. Goal: Deliver an exploit that calls print() in the user’s browser. We are going to commit “blogger sin” and show you the solution first and work our way backward. That’s because I want to be helpful in my learning journey, but also because as someone who […]
Vulnerability Assessment Report (Example)
You can read this portfolio project as a PDF or continue to read it as a blog post below! 8th October 20XX System Description The server hardware consists of a powerful CPU processor and 128GB of memory. It runs on the latest version of Linux operating system and hosts a MySQL database management system. It […]
SQL injection with filter bypass via XML encoding
The following is my documentation on Portswigger’s Academy Labs. Goal: Log into the Admin user’s account with password credentials retrieved from a hidden table by exploiting SQL injection. I will be using Burpsuite (in this case the community edition) to view proxy history and automate our payloads. To begin let us take a look at […]
How I snuck into a cybersecurity conference with fake credentials
Thursday’s conference was a gathering of security-minded professionals and vendors. The message of the day was that preventing threats is the first, and most important step in keeping your business open. Naturally, I decided to sneak in.