AAbhinavinlog.page0.dev·4d ago · 2 min readLAB #04 Basic password reset poisoningLab Overview This lab is vulnerable to password reset poisoning. The user carlos will carelessly click on any links in emails that he receives. To solve the lab, log in to Carlos's account. You can lo00
AAbhinavinlog.page0.dev·5d ago · 2 min readLAB#03 OAuth account hijacking via redirect_uriLab Overview This lab uses an OAuth service to allow users to log in with their social media account. A misconfiguration by the OAuth provider makes it possible for an attacker to steal authorization 00
AAbhinavinlog.page0.dev·Jul 8 · 3 min readLAB #02 Forced OAuth profile linkingLab Overview This lab gives you the option to attach a social media profile to your account so that you can log in via OAuth instead of using the normal username and password. Due to the insecure impl10
AAbhinavinlog.page0.dev·Jul 6 · 4 min readLAB #01 SSRF via OpenID dynamic client registrationLab Overview This lab allows client applications to dynamically register themselves with the OAuth service via a dedicated registration endpoint. Some client-specific data is used in an unsafe way by 10
AAbhinavinlog.page0.dev·Apr 25 · 5 min readThe HackRF Guide Nobody Asked ForWhat Even is a HackRF? Picture this: It’s a tiny USB device that costs less than your monthly coffee budget but can mess with radio signals from 1MHz to 6GHz. That’s basically everything from AM radio00