Security Misconfiguration occurs oftentimes because of human error but what makes it different from the others is that it could be easily avoided most times if the proper measures were taken.
TryHackMe- OWASP Top 10 — Broken Access Control
This lab walkthrough will focus on the Broken Access Control, one of the OWASP Top 10 Vulnerabilities. Broken Access Control is an instance in which a user that is not authorized to access an administrative page is able to do so. [Severity 5] Broken Access Control (IDOR Challenge)
This lab walkthrough will focus on the Broken Access Control, one of the OWASP Top 10 Vulnerabilities. Broken Access Control is an instance in which a user that is not authorized to access an administrative page is able to do so.
[Severity 5] Broken Access Control (IDOR Challenge)
TryHackMe — OWASP Top 10 — XML External Entity
This lab will be focusing on the OWASP Top 10 lab on TryHackMe; XML (Extensible Markup Language) External Entity (XXE)Attack is a vulnerability that takes advantage of features of XML parsers/data. It allows attackers to read files that they would otherwise be unauthorized to view and to have access to…
TryHackMe — OWASP Top 10 — Authentication
Authentication is one of OWASP's Top 10 Vulnerabilities and this blog serves to provide a walkthrough of the TryHackMe Lab on the OWASP Top 10 which provided insight into this specific vulnerabilty and how to exploit it. What is Authentication as it relates to OWASP?
TryHackMe — OWASP Top 10 — Injection
Hey, guys, I’m back with another walkthrough of a tryhackme lab but this time the focus is on Open Web Application Security (OWASP) 🐝 vulnerability and of course how to exploit it. This will be a multi-part blog, this blog will focus on Injection. OWASP Top 10: Injection Broken Authentication Sensitive Data Exposure …
TryHackMe- Burp Suite Walkthrough
Hey guys, this blog will focus on the powerful web app pentesting tool Burp Suite and its components. So… if you have read my previous blogs then you would know that I am familiar with the Burp Suite tool therefore I won’t get into how to download it and all…
Lab: Username enumeration via different responses
Hey guys, welcome to another blog series but this time the focus is on Authentication based on the learning path on Web Security Academy. I am excited to learn about authentication vulnerabilities and share my journey with you.