Tag feed

Cryptography Problems in DVWA

May 6 · 20 min read · Introduction Cryptography is used everywhere in modern applications to protect sensitive data such as passwords, session tokens, and personal information. Strong cryptographic algorithms are essential

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

File Inclusion in DVWA

May 5 · 22 min read · 1 Introduction In this post, the File Inclusion vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for local file inclusion (LFI) attacks on all levels is to read

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

Blind SQL Injection in DVWA

Apr 26 · 28 min read · 1 Introduction In this post, the Blind SQL Injection vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to find the version of the SQL

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

Insecure CAPTCHA in DVWA

Apr 18 · 27 min read · 1 Introduction In this post, the Insecure CAPTCHA vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to bypass the poor CAPTCHA system

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

Weak Session IDs in DVWA

Apr 12 · 16 min read · 1 Introduction In this post, the Weak Session IDs vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to work out how the ID is generat

DOM-Based XSS in DVWA

Mar 29 · 14 min read · Introduction This post examines a DOM-based cross-site scripting (XSS) vulnerability in the Damn Vulnerable Web Application (DVWA) and demonstrates how it can be exploited to achieve client-side code

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

JavaScript Attacks in DVWA

Mar 26 · 21 min read · 1 Introduction In this post, the JavaScript Attacks vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to analyse and manipulate the J

Stored XSS in DVWA

Mar 25 · 12 min read · Introduction This post examines a Stored Cross-Site Scripting (XSS) vulnerability in the Damn Vulnerable Web Application (DVWA), and demonstrates how it can be used to achieve persistent client-side c

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

API Security in DVWA

Mar 21 · 29 min read · 1 Introduction In this post, the API Security vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks across all security levels is to exploit weaknesses in

Reflected XSS in DVWA

Mar 19 · 14 min read · Introduction This post demonstrates how a reflected Cross-Site Scripting (XSS) vulnerability in the Damn Vulnerable Web Application (DVWA) can be exploited to execute malicious client-side scripts in