EEEmma Engströminpentesting-dvwa.hashnode.dev00DOM-Based XSS in DVWA 5d ago · 14 min read · Introduction This post examines a DOM-based cross-site scripting (XSS) vulnerability in the Damn Vulnerable Web Application (DVWA) and demonstrates how it can be exploited to achieve client-side code Join discussion
WBWiktoria Blomgren Strandberginpentesting-dvwa.hashnode.dev00JavaScript Attacks in DVWAMar 26 · 20 min read · 1 Introduction In this post, the JavaScript Attacks vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to analyse and manipulate the JJoin discussion
EEEmma Engströminpentesting-dvwa.hashnode.dev00Stored XSS in DVWAMar 25 · 12 min read · Introduction This post examines a Stored Cross-Site Scripting (XSS) vulnerability in the Damn Vulnerable Web Application (DVWA), and demonstrates how it can be used to achieve persistent client-side cJoin discussion
WBWiktoria Blomgren Strandberginpentesting-dvwa.hashnode.dev00API Security in DVWAMar 21 · 24 min read · 1 Introduction In this post, the API Security vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks across all security levels is to exploit weaknesses inJoin discussion
EEEmma Engströminpentesting-dvwa.hashnode.dev00Reflected XSS in DVWAMar 19 · 14 min read · Introduction This post demonstrates how a reflected Cross-Site Scripting (XSS) vulnerability in the Damn Vulnerable Web Application (DVWA) can be exploited to execute malicious client-side scripts in Join discussion
WBWiktoria Blomgren Strandberginpentesting-dvwa.hashnode.dev00CSP Bypass in DVWAMar 14 · 13 min read · 1 Introduction In this post, the Content Security Policy (CSP) Bypass vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to bypass theJoin discussion
EEEmma Engströminpentesting-dvwa.hashnode.dev00File Upload in DVWAMar 12 · 15 min read · Introduction This post demonstrates how a file upload vulnerability in the Damn Vulnerable Web Application (DVWA) can be exploited to achieve remote code execution. The objective of the attack is to uJoin discussion
MBMokshan Basuruinmokshan.hashnode.dev00Beyond the Scanner: Analyzing Infrastructure & Logic Vulnerabilities in SaaS APIsMar 11 · 6 min read · Executive summary During a security assessment of an enterprise-grade package library, I identified a multi-stage attack chain composed of three logic and infrastructure flaws: HTTP Parameter PollutioJoin discussion
WBWiktoria Blomgren Strandberginpentesting-dvwa.hashnode.dev00Authorisation Bypass in DVWAMar 8 · 12 min read · 1 Introduction In this post, the Authorisation Bypass vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to identify any areas where aJoin discussion
EEEmma Engströminpentesting-dvwa.hashnode.dev00Brute Force in DVWAMar 8 · 16 min read · Introduction This post explores the brute-force vulnerability in the Damn Vulnerable Web Application (DVWA). The objective of the attack is to gain unauthorised access to the application by discoverinJoin discussion
