ervinismu

Tag: Writeup

26 items with this tag.

Oct 23, 2025
About Me
Oct 17, 2025
PortSwigger Lab: Web shell upload via Content-Type restriction bypass
Oct 17, 2025
PortSwigger Lab: Web shell upload via path traversal
Oct 17, 2025
PortSwigger Lab: Basic SSRF against the local server
Oct 17, 2025
PortSwigger Lab: Blind SSRF with out-of-band detection (WIP)
Oct 16, 2025
PortSwigger Lab: Stored XSS into anchor href attribute with double quotes HTML-encoded
Oct 14, 2025
PortSwigger Academy - Exploiting LLM APIs with excessive agency
Oct 14, 2025
PortSwigger Lab: Username enumeration via different responses
Oct 14, 2025
PortSwigger Lab: Username enumeration via subtly different responses
Oct 14, 2025
PortSwigger Lab: Remote code execution via polyglot web shell
Oct 14, 2025
PortSwigger Lab: Remote code execution via web shell upload
Oct 14, 2025
PortSwigger Lab: Web shell upload via extension blacklist bypass
Oct 14, 2025
PortSwigger Lab: Web shell upload via obfuscated file extension
Oct 14, 2025
PortSwigger Lab: Basic SSRF against another back-end system
Oct 14, 2025
PortSwigger Lab: SSRF with blacklist-based input filter.
Oct 14, 2025
PortSwigger Lab: SSRF with filter bypass via open redirection vulnerability
Oct 14, 2025
PortSwigger Lab: DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded
Oct 14, 2025
PortSwigger Lab: DOM XSS in jQuery anchor href attribute sink using location.search source
Oct 14, 2025
PortSwigger Lab: DOM XSS in jQuery selector sink using a hashchange event
Oct 14, 2025
PortSwigger Lab: DOM XSS in document.write sink using source location.search inside a select element
Oct 14, 2025
PortSwigger Lab: Reflected DOM XSS
Oct 14, 2025
PortSwigger Lab: Reflected XSS into HTML context with nothing encoded
Oct 14, 2025
PortSwigger Lab: Reflected XSS into attribute with angle brackets HTML-encoded
Sep 02, 2025
HackTheBox - nibbles
Sep 02, 2025
HackTheBox Writeup - getting started public exploit
Sep 02, 2025
HackTheBox Writeup - getting started web enumeration

Created with Quartz v4.5.1 © 2025

Mastodon
Linkedin
Medium
Github