Chrome Dev Tools – AI Assist
Chrome Dev Tools – AI Assist Ever found yourself looking at the console in Chrome Dev tools and wondering “what in the world does that mean?” If so, then this post is for you! Now, without having to pop back…
Chrome Dev Tools – AI Assist Ever found yourself looking at the console in Chrome Dev tools and wondering “what in the world does that mean?” If so, then this post is for you! Now, without having to pop back…
Time for another one of the advanced labs on the PortSwigger Web Security Academy. For this lab, we are dealing with an HTTP/2 downgrade attack that allows the attacker to smuggle a request to the backend. Due to how the…
This lab is a bit similar to the last, however, it has a completely different purpose. In the previous, we poisoned the cache in an attempt to trigger an XSS. In this lab, we are looking at poisoning a cache…
This lab is a lot of fun and requires chaining together techniques to fully exploit. First, we have to identify if, where, and how the application is vulnerable to a smuggling attack. Once that has been established, we need to…
This next lab represents an interesting vulnerability where specific paths/routes within an application are vulnerable to desync when there is no expectation of anything other than the intended HTTP verb ever showing as part of a request. These are very…