© 2026 Hashnode
Entering cybersecurity today can feel overwhelming. Newcomers are often torn between formal certifications focused on theory (like the ISC2 Certified in Cybersecurity – CC) and hands-on platforms such as TryHackMe and PortSwigger Web Security Academy...

Our target is to exploit a hypothetical web application, simulating real-world scenarios. To demonstrate HTTP/2 request splitting, we will follow a step-by-step solution provided by the lab: Setup with Burp Suite: Start by sending a request for GET ...

Introduction Cross-Origin Resource Sharing (CORS) vulnerabilities can take many forms, and one of the most interesting variants involves trusting the "null" origin. In this article, we'll explore the PortSwigger Web Security Academy lab "CORS vulnera...

Introduction Cross-Origin Resource Sharing (CORS) vulnerabilities represent a significant security risk when misconfigured. In this walkthrough, we'll explore PortSwigger's "CORS vulnerability with basic origin reflection" lab, demonstrating how impr...
