Bug Bounty | Vulnerabilities Indepth
In-depth view of how to attack and defend against modern-day attack vectors
SSRF Intro (Part 1 SSRF Series)
SSRF (Server-Side Request Forgery) is a fake exploit server-initiate...
SSRF Bypass (Part 2 SSRF Series) [incomplete]
What can we do with SSRF? SSRF to reflection XSS Try to use URL to access internal resources an...
SSRF Prevention (Part 3 SSRF Series)
How to prevent SSRF It is easier to filter the returned information and verify the response of t...
SSRF in a CTF Context (Part 4 SSRF Series)
Common attack surface Port scanning can be performed on the external network, the internal netwo...
CSP Intro (Part 1 CSP Series)
CSP (Content Security Policy) is in place to mitigate some attacks, such as XSS and CSRF. It...
CSP Bypass (Part 2 CSP Series) TODO
CSP Prevention (Part 3 CSP Series)
CSP is especially important for your users: they no longer need to be exposed to any unsolicited ...
CSP in a CTF Context (Part 4 CSP Series)
Common attack surface script-src : script: only trust the current domain name object-src : Do not...