Narges Pourkamali in safeai.blog · Jun 8 · 8 min read
PortSwigger's Insights: Understanding Web LLM Attacks
PortSwigger has taken an important step towards understanding LLM attacks. I studied this topic and wrote down the key points to better understand it. 1. Fundamental Concepts Learn a little more about

Farouq Seriki in fasthedeveloper.hashnode.dev · May 16 · 38 min read
OWASP Mobile Top 10 for React Native Fintech Apps: A Practical Implementation Checklist
TL;DR The OWASP Mobile Top 10 isn't abstract theory — it's the exact list pen testers use to fail your app. Here's the cheat sheet: M1 — stop storing tokens in AsyncStorage, use Keychain/Keystore. M2

Emma Engström in pentesting-dvwa.hashnode.dev · May 6 · 20 min read
Cryptography Problems in DVWA
Introduction Cryptography is used everywhere in modern applications to protect sensitive data such as passwords, session tokens, and personal information. Strong cryptographic algorithms are essential

Wiktoria Blomgren Strandberg in pentesting-dvwa.hashnode.dev · May 5 · 22 min read
File Inclusion in DVWA
1 Introduction In this post, the File Inclusion vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for local file inclusion (LFI) attacks on all levels is to read

Mouhamed Ben Abdallah in erinmin-writeups.hashnode.dev · May 2 · 4 min read
File path traversal, simple case WriteUp & Walkthrough
Lab Writeup: File Path Traversal — Simple Case Platform: PortSwigger Web Security Academy Vulnerability: Path Traversal (CWE-22) Difficulty: Apprentice Tool Used: Caido (Burp Suite alternative) What

Wiktoria Blomgren Strandberg in pentesting-dvwa.hashnode.dev · Apr 26 · 28 min read
Blind SQL Injection in DVWA
1 Introduction In this post, the Blind SQL Injection vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to find the version of the SQL

Wiktoria Blomgren Strandberg in pentesting-dvwa.hashnode.dev · Apr 18 · 27 min read
Insecure CAPTCHA in DVWA
1 Introduction In this post, the Insecure CAPTCHA vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to bypass the poor CAPTCHA system

Wiktoria Blomgren Strandberg in pentesting-dvwa.hashnode.dev · Apr 12 · 16 min read
Weak Session IDs in DVWA
1 Introduction In this post, the Weak Session IDs vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to work out how the ID is generat

Hardik Arora in hardik0811arora.hashnode.dev · Mar 29 · 5 min read
🛡️ Educonnect: A Deep Dive into Cloud-Native Security & K3s Orchestration
"If you can't measure it, you can't secure it." In this post, I’m pulling back the curtain on the EduConnect CI/CD pipeline. We aren't just looking at code; we are looking at real-time security telem

Wiktoria Blomgren Strandberg in pentesting-dvwa.hashnode.dev · Mar 26 · 21 min read
JavaScript Attacks in DVWA
1 Introduction In this post, the JavaScript Attacks vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to analyse and manipulate the J