OWASP Juice Shop – SQL Injection 2

Hellow world! How y’all doing? Today we’ll be discussing the 2nd part of our SQL Injection attacks. As mentioned in the last article, I initially planned to combine all the SQLi write-ups into one, but as I started with the last article I decided it's better to dive a little deeper than usual with more …

OWASP Juice Shop – SQL Injection 1

Hellow world! Today I want to talk about SQL Injection, and how I discovered multiple SQLi vulnerabilities on OWASP Juice Shop. I waited till today to write about SQLi simply because the first injections I found were honestly so simple that they could be explained in one paragraph. So I decided to wait a lil …

OWASP Juice Shop – CSRF

Hellow world! In today’s write-up, I will explain to you in a very detailed and informative fashion the steps I took, or didn’t, in order to achieve a successful Cross Site Request Forgery Attack (aka CSRF) on OWASP’s Juice Shop application. It is going to be a long one, so buckle up… To be perfectly …

OWASP Juice Shop – Open Redirect

Hellow World! Today we will be talking about another one of the vulnerabilities I found during the first day of attacking OWASP Juice Shop for practice. This one is also interesting, because it involves a neat trick I learned while listening to my favorite bug bounty podcast, Critical Thinking Podcast (shout out to Justin Gardner aka Rhynorater). This …