@hexemma

Cryptography Problems in DVWA

May 6 · 20 min read · Introduction Cryptography is used everywhere in modern applications to protect sensitive data such as passwords, session tokens, and personal information. Strong cryptographic algorithms are essential

Command Injection in DVWA

Apr 26 · 12 min read · Introduction Command Injection is a web vulnerability that occurs when an application passes user-controlled input directly to a system shell without proper validation. In such cases, an attacker can

Open HTTP Redirect in DVWA

Apr 19 · 14 min read · Introduction Open Redirect is a web vulnerability that allows an application to redirect users to a different URL based on user-controlled input. At first glance, it might seem like a minor issue comp

Cross Site Request Forgery (CSRF) in DVWA

Apr 12 · 14 min read · Introduction Cross-Site Request Forgery (CSRF) is a web vulnerability that allows attackers to perform unauthorized actions on behalf of an authenticated user, often without the victim ever realizing

DOM-Based XSS in DVWA

Mar 29 · 14 min read · Introduction This post examines a DOM-based cross-site scripting (XSS) vulnerability in the Damn Vulnerable Web Application (DVWA) and demonstrates how it can be exploited to achieve client-side code