Personal Website Github LinkedIn

Personal Website Github LinkedIn

Home
Blue Team Labs Online
bWAPP
Command Challenge
CryptoHack
- General
CSAW 2023
CTFLearn
CyberDefenders
DVWA
Ethernaut
- 00 - Hello Ethernaut
Exploit Education
- Protostar
Google CTF - Beginner's Quest
- 0000
- 1837
- 1943
- 1965
- 1987
- 1988
- 1989
- 1990
- 1994
Hacker101
- Postbook
LetsDefend
- DFIR
  - Phishing
    Email Analysis
    Phishing Email
Microcorruption
NetGarage IO
- level 1
- level 2
OverTheWire
- Bandit
PicoCTF
PortSwigger labs
- Client-side topics
  - Cross-site scripting (XSS)
    Reflected XSS into HTML context with nothing encoded
    Stored XSS into HTML context with nothing encoded
    DOM XSS in document.write sink using source location.search
    DOM XSS in innerHTML sink using source location.search
    DOM XSS in jQuery anchor href attribute sink using location.search source
    DOM XSS in jQuery selector sink using a hashchange event
    Reflected XSS into attribute with angle brackets HTML-encoded
    Stored XSS into anchor href attribute with double quotes HTML-encoded
- Server-side topics
Pwn College
pwanable.kr
- fd
- random
Root Me
ROP Emporium
- ret2win
- split
TryHackMe
- Easy
- Medium
Under The Wire
- Century
- Cyborg
W3Challs
- Web
  - Change your browser
Websec.fr

Powered by GitBook

On this page

Was this helpful?

PortSwigger labs

Server-side topics

XXE injection

Exploiting XXE using external entities to retrieve files
Exploiting XXE to perform SSRF attacks

Last updated 1 year ago

Was this helpful?