Category: Portswigger

Write-ups of all my solved Portswigger labs.

May 3, 2024

Lab: Manipulating the WebSocket handshake to exploit vulnerabilities
March 15, 2024

Lab: SameSite Lax bypass via method override
March 14, 2024

Lab: Cross-site WebSocket hijacking
March 13, 2024

Lab: Manipulating WebSocket messages to exploit vulnerabilities
March 12, 2024

Lab: CSRF vulnerability with no defenses
March 11, 2024

Lab: CSRF where Referer validation depends on header being present
March 10, 2024

Lab: Information disclosure in version control history
March 9, 2024

Lab: Excessive trust in client side control
March 8, 2024

Lab: High-level logic vulnerability
March 7, 2024

Lab: Information disclosure in error messages