Authentication vulnerabilities
Intro Authentication is the front door to your application - and like any door, if it’s weak or poorly secured, attackers will break in. From brute-force attacks and credential stuffing to logic f...
Intro The challenge is named after the popular data format JSON, which plays a central role in the exploitation path. As you progress, you’ll learn how to: Enumerate services and end...
Intro Today I pwnd a RES room (https://tryhackme.com/room/res) from TryHackMe! This one featured a misconfigured Redis service that opened the door to initial access, and a bit of fun with SUID bi...
Intro Today I tackled the Alfred room on TryHackMe - an engaging Windows-based challenge that dives deep into privilege escalation tactics. Whether you’re prepping for certifications or just sharp...
Intro What Is Broken Access Control? Broken Access Control occurs when restrictions on what authenticated users are allowed to do are not properly enforced. This allows attackers to act outside...
Intro As Large Language Models (LLMs) like OpenAI’s GPT, Anthropic’s Claude, and Google’s Gemini become embedded in web applications, search engines, and enterprise workflows, they introduce a new...
Intro SQL Injection (SQLi) is a web security vulnerability that allows an attacker to interfere with the queries an application makes to its database. It happens when user input is not properly san...
Intro Ways of injecting OS commands You can use a number of shell metacharacters to perform OS command injection attacks. A number of characters function as command separators, allowing commands t...
Intro File upload vulnerabilities occur when a web application improperly handles user-uploaded files, allowing attackers to upload malicious files such as web shells, scripts, or executables. Thes...
XSS Intro XSS is a type of injection attack that allows attackers to execute arbitrary JavaScript in a user’s browser, leading to session hijacking, phishing, defacement, or redirection to maliciou...