#attack

1d ago · 14 min read · Introduction This report demonstrates how a reflected Cross-Site Scripting (XSS) vulnerability in the Damn Vulnerable Web Application (DVWA) can be exploited to execute malicious client-side scripts i

Join discussion

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

0

CSP Bypass in DVWA

6d ago · 13 min read · Introduction In this post, the Content Security Policy (CSP) Bypass vulnerability in Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to bypass the CSP a

Join discussion

EEEmma Engströmpentesting-dvwa.hashnode.dev

0

File Upload in DVWA

Mar 12 · 15 min read · Introduction This post demonstrates how a file upload vulnerability in the Damn Vulnerable Web Application (DVWA) can be exploited to achieve remote code execution. The objective of the attack is to u

Join discussion

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

0

Authorisation Bypass in DVWA

Mar 8 · 12 min read · Introduction In this post, the Authorisation Bypass vulnerability in Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to identify any areas where authori

Join discussion

EEEmma Engströmpentesting-dvwa.hashnode.dev

0

Brute Force in DVWA

Mar 8 · 16 min read · Introduction This post explores the brute-force vulnerability in the Damn Vulnerable Web Application (DVWA). The objective of the attack is to gain unauthorised access to the application by discoverin

Join discussion

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

0

SQL Injection in DVWA

Mar 6 · 16 min read · Introduction In this post, the SQL Injection vulnerability in Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to extract user login credentials. Lab en

Join discussion

AYAkash Yadavblog.akashy.com.np

0

IDOR Explained: How Insecure Direct Object Reference Breaks Your Authorization

Mar 1 · 5 min read · 🚨 Introduction You can build beautiful APIs.You can have authentication.You can even have JWTs, OAuth, and encrypted traffic. And still ship a critical vulnerability. That vulnerability is IDOR — Ins

Join discussion

KCKanishk Chandnablogs.kanishk.codes

0

How to Spot and Block Bots on Your Website

Feb 2 · 4 min read · Modern websites are constantly interacting with automated programs. Some of these bots are useful, like search engine crawlers. Others are not. They scrape data, spam forms, brute-force logins, or abuse APIs. The challenge is not just blocking bots, ...

Join discussion

AAl-Mooradialmooradi.hashnode.dev

0

Essential Steps to Take After a Web Attack

Jan 9 · 8 min read · All steps should be completed immediately, so it's better if a team works on them. This way, they can manage multiple tasks at the same time, making the process faster. This list is not a complete gui

Join discussion

SKSakshi Kthe-human-factor-in-cybersecurity.hashnode.dev

0

Insider Threat Detection: Why It’s Harder Than External Attacks

Dec 24, 2025 · 4 min read · When organizations think about cybersecurity threats, they often picture external attackers hackers breaking in through firewalls, exploiting vulnerabilities, or launching brute-force attacks. While these threats are real and dangerous, some of the m...

Join discussion

Tag feed

Tag feed

#attack

Trending tags this week