EEEmma Engströminpentesting-dvwa.hashnode.dev·May 6 · 20 min readCryptography Problems in DVWAIntroduction Cryptography is used everywhere in modern applications to protect sensitive data such as passwords, session tokens, and personal information. Strong cryptographic algorithms are essential00
WBWiktoria Blomgren Strandberginpentesting-dvwa.hashnode.dev·May 5 · 22 min readFile Inclusion in DVWA1 Introduction In this post, the File Inclusion vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for local file inclusion (LFI) attacks on all levels is to read 00
WBWiktoria Blomgren Strandberginpentesting-dvwa.hashnode.dev·Apr 26 · 28 min readBlind SQL Injection in DVWA1 Introduction In this post, the Blind SQL Injection vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to find the version of the SQL00
WBWiktoria Blomgren Strandberginpentesting-dvwa.hashnode.dev·Apr 18 · 27 min readInsecure CAPTCHA in DVWA1 Introduction In this post, the Insecure CAPTCHA vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to bypass the poor CAPTCHA system00
WBWiktoria Blomgren Strandberginpentesting-dvwa.hashnode.dev·Apr 12 · 16 min readWeak Session IDs in DVWA1 Introduction In this post, the Weak Session IDs vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to work out how the ID is generat00
EEEmma Engströminpentesting-dvwa.hashnode.dev·Mar 29 · 14 min readDOM-Based XSS in DVWA Introduction This post examines a DOM-based cross-site scripting (XSS) vulnerability in the Damn Vulnerable Web Application (DVWA) and demonstrates how it can be exploited to achieve client-side code 00
WBWiktoria Blomgren Strandberginpentesting-dvwa.hashnode.dev·Mar 26 · 21 min readJavaScript Attacks in DVWA1 Introduction In this post, the JavaScript Attacks vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to analyse and manipulate the J00
EEEmma Engströminpentesting-dvwa.hashnode.dev·Mar 25 · 12 min readStored XSS in DVWAIntroduction This post examines a Stored Cross-Site Scripting (XSS) vulnerability in the Damn Vulnerable Web Application (DVWA), and demonstrates how it can be used to achieve persistent client-side c00
WBWiktoria Blomgren Strandberginpentesting-dvwa.hashnode.dev·Mar 21 · 29 min readAPI Security in DVWA1 Introduction In this post, the API Security vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks across all security levels is to exploit weaknesses in00
EEEmma Engströminpentesting-dvwa.hashnode.dev·Mar 19 · 14 min readReflected XSS in DVWAIntroduction This post demonstrates how a reflected Cross-Site Scripting (XSS) vulnerability in the Damn Vulnerable Web Application (DVWA) can be exploited to execute malicious client-side scripts in 00
