Locked
Getting Started - (Forensics)
This post is currently locked and will be available soon...
Blog Posts
A university’s online registration portal asks students to upload their ID cards for verification. The developer put some filters in place to...
Developers should never trust user input. Even when you think you’ve sanitized everything and even when you’re using the familiar ? placeholder...
This post begins a short series about authentication mistakes I often see in Node.js/Express applications. We’ll look at a real-but-safe example where...
When we accessed the website, we found this:
I made a cool website where you can announce whatever you want! I read about input sanitization, so now I remove any...
Check the admin scratchpad!
I made a cool website where you can announce whatever you want! Try it out!I heard templating is a cool and modular...
Bookstore ▁▃▅ MEDIUM Objective: understand how a vulnerable API can be exploited Web Exploitation 🔗 Start Challenge →
While searching for jobs on a New York City job portal, I decided to create an account and explore the platform’s features....
Injectics ▁▃▅ MEDIUM Objective: Use your injection skills to take control of a web app. Web Exploitation 🔗 Start Challenge →
Locked
I Didn't Hack nyc.gov Their Confirmation System Did
This post is currently locked and will be available soon...