Tiểu Phương

• March 14, 2024

  Lab: Cross-site WebSocket hijacking

• March 13, 2024

  Lab: Manipulating WebSocket messages to exploit vulnerabilities

• March 12, 2024

  Lab: CSRF vulnerability with no defenses

• March 11, 2024

  Lab: CSRF where Referer validation depends on header being present

• March 10, 2024

  Lab: Information disclosure in version control history

• March 9, 2024

  Lab: Excessive trust in client side control

• March 8, 2024

  Lab: High-level logic vulnerability

• March 7, 2024

  Lab: Information disclosure in error messages

• March 6, 2024

  Lab: Information disclosure on debug page

• March 5, 2024

  Lab: Source code disclosure via backup files