Lab: Exploiting Java deserialization with Apache Commons Posted on 2023-05-08 | Post modified | In Security|Practice|Portswigger Web Security Academy|Deserialization | Lab: Exploiting Java deserialization with Apache Commons Read more »
NTU CNS Final Project Proposal Posted on 2023-04-30 | Post modified | In Security|Course|NTU CNS | NTU CNS Final Project Proposal Read more »
Lab: Modifying serialized data types Posted on 2023-04-28 | Post modified | In Security|Practice|Portswigger Web Security Academy|Deserialization | Lab: Modifying serialized data types Read more »
Lab: Arbitrary object injection in PHP Posted on 2023-04-28 | Post modified | In Security|Practice|Portswigger Web Security Academy|Deserialization | Lab: Arbitrary object injection in PHP Read more »
Deserialization - APPRENTICE Posted on 2023-04-28 | Post modified | In Security|Practice|Portswigger Web Security Academy|Deserialization | Deserialization - APPRENTICE Read more »
Lab: CSRF where token is tied to non-session cookie Posted on 2023-04-28 | Post modified | In Security|Practice|Portswigger Web Security Academy|CSRF|Not Complete | Lab: CSRF where token is tied to non-session cookie Read more »
XXE - APPRENTICE Posted on 2023-04-27 | Post modified | In Security|Practice|Portswigger Web Security Academy|XXE | XXE - APPRENTICE Read more »
Lab: Exploiting `XInclude` to retrieve files Posted on 2023-04-27 | Post modified | In Security|Practice|Portswigger Web Security Academy|XXE | Lab: Exploiting XInclude to retrieve files Read more »
Lab: Exploiting XXE via image file upload Posted on 2023-04-27 | Post modified | In Security|Practice|Portswigger Web Security Academy|XXE | Lab: Exploiting XXE via image file upload Read more »
XSS - APPRENTICE Posted on 2023-04-25 | Post modified | In Security|Practice|Portswigger Web Security Academy|XSS | XSS - APPRENTICE Read more »
Lab: Stored DOM XSS Posted on 2023-04-25 | Post modified | In Security|Practice|Portswigger Web Security Academy|XSS | Lab: Stored DOM XSS Read more »
Lab: DOM XSS in `document.write` sink using source `location.search` inside a select element Posted on 2023-04-25 | Post modified | In Security|Practice|Portswigger Web Security Academy|XSS | Lab: DOM XSS in document.write sink using source location.search inside a select element Read more »
SQLi - APPRENTICE Posted on 2023-04-25 | Post modified | In Security|Practice|Portswigger Web Security Academy|SQL | SQLi - APPRENTICE Read more »
Lab: SQL injection attack, querying the database type and version on Oracle Posted on 2023-04-25 | Post modified | In Security|Practice|Portswigger Web Security Academy|SQL | Lab: SQL injection attack, querying the database type and version on Oracle Read more »
Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft Posted on 2023-04-25 | Post modified | In Security|Practice|Portswigger Web Security Academy|SQL | Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft Read more »
Lab: SQL injection attack, listing the database contents on non-Oracle databases Posted on 2023-04-25 | Post modified | In Security|Practice|Portswigger Web Security Academy|SQL | Lab: SQL injection attack, listing the database contents on non-Oracle databases Read more »
Lab: SQL injection attack, listing the database contents on Oracle Posted on 2023-04-25 | Post modified | In Security|Practice|Portswigger Web Security Academy|SQL | Lab: SQL injection attack, listing the database contents on Oracle Read more »
Lab: SQL injection UNION attack, retrieving multiple values in a single column Posted on 2023-04-25 | Post modified | In Security|Practice|Portswigger Web Security Academy|SQL | Lab: SQL injection UNION attack, retrieving multiple values in a single column Read more »
Lab: SQL injection UNION attack, retrieving data from other tables Posted on 2023-04-25 | Post modified | In Security|Practice|Portswigger Web Security Academy|SQL | Lab: SQL injection UNION attack, retrieving data from other tables Read more »
Lab: SQL injection UNION attack, finding a column containing text Posted on 2023-04-25 | Post modified | In Security|Practice|Portswigger Web Security Academy|SQL | Lab: SQL injection UNION attack, finding a column containing text Read more »
Lab: SQL injection UNION attack, determining the number of columns returned by the query Posted on 2023-04-25 | Post modified | In Security|Practice|Portswigger Web Security Academy|SQL | Lab: SQL injection UNION attack, determining the number of columns returned by the query Read more »
Lab: CSRF where token validation depends on token being present Posted on 2023-04-25 | Post modified | In Security|Practice|Portswigger Web Security Academy|CSRF|針對CSRF Token與同源政策的繞過手段 | Lab: CSRF where token validation depends on token being present Read more »
Lab: CSRF where token validation depends on request method Posted on 2023-04-25 | Post modified | In Security|Practice|Portswigger Web Security Academy|CSRF|針對CSRF Token與同源政策的繞過手段 | Lab: CSRF where token validation depends on request method Read more »
Lab: CSRF where token is not tied to user session Posted on 2023-04-25 | Post modified | In Security|Practice|Portswigger Web Security Academy|CSRF|針對CSRF Token與同源政策的繞過手段 | Lab: CSRF where token is not tied to user session Read more »
CSRF - APPRENTICE Posted on 2023-04-25 | Post modified | In Security|Practice|Portswigger Web Security Academy|CSRF | CSRF - APPRENTICE Read more »
Cryptography Lec 6(Key Agreement Protocol) - Notes Posted on 2023-04-21 | Post modified | In Security|Course|NTU Crypto | Cryptography Lec 6(Key Agreement Protocol) - Notes Read more »
Cryptography Lec 5(Symmetric Key Cryptography) - Notes Posted on 2023-04-20 | Post modified | In Security|Course|NTU Crypto | Cryptography Lec 5(Symmetric Key Cryptography) - Notes Read more »
