My solutions for Web Security Academy.
Visit Web Security Academy to learn all the details!
- Access control vulnerabilities and privilege escalation
- Cross-origin resource sharing (CORS)
- Clickjacking (UI redressing)
- Testing for WebSockets security vulnerabilities
- SQL injection
- Cross-site scripting (contexts)
- Cross-site scripting (exploits)
- Cross-site request forgery (CSRF)
- XML external entity (XXE) injection
- Server-side request forgery (SSRF)
- HTTP request smuggling
- OS command injection
- Directory traversal