cyberw1ng.medium.com
Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2025-08-14.
| Date Added | Resource | Excerpt |
|---|---|---|
| 2025-08-14 2025 | Server-side request forgery (SSRF) in Web App Penetration Testing | 2023SSRF | The content title mentions "Server-side request forgery (SSRF) in Web App Penetration Testing | 2023." It suggests a focus on SSRF vulnerabilities within web applications during penetration testing in the year 2023. This indicates a specific interest in exploring and addressing security risks associated with SSRF attacks in web applications as part of a comprehensive testing approach. |
| 2024-09-30 2024 | Broken Authentication: A Common Vulnerability Exposing User AccountsAuthN | Exploiting Weak Authentication Mechanisms to Compromise User Access |
| 2024-09-16 2024 | What is Prototype Pollution?Bug Bounty | Bug Bounty Essentials by Karthikeyan Nagaraj |
| 2023-11-07 2023 | 11.2 Lab: Exploiting XXE to perform SSRF attacks | 2023SSRFXXE | The content discusses a lab session focused on exploiting XML External Entity (XXE) vulnerabilities to conduct Server-Side Request Forgery (SSRF) attacks. This practical exercise likely involves demonstrating how attackers can manipulate XML input to access internal resources and potentially launch SSRF attacks. The lab aims to provide hands-on experience in understanding and mitigating these security risks. Participants will likely gain insights into the exploitation of XXE vulnerabilities and the associated SSRF attack vectors. The session may offer valuable insights into securing applications against such threats. |
| 2023-10-13 2023 | Understanding File Upload Vulnerabilities in Web App Penetration Testing | 2023RCE | Understanding File Upload Vulnerabilities in Web App Penetration Testing | 2023 https://ift.tt/8aVoHYJ |