{"version":1,"pages":[{"id":"JcUX0WJaEzJZzq3cIX5h","title":"Writeups and Walkthroughs","pathname":"/writeups-and-walkthroughs","siteSpaceId":"sitesp_r8KMm","emoji":"270d","description":""},{"id":"BGwL4pKMQ0CZOVkv4jE8","title":"THM","pathname":"/writeups-and-walkthroughs/thm","siteSpaceId":"sitesp_r8KMm"},{"id":"rYqmNHRVWwoVo6R5XUvU","title":"Simple CTF","pathname":"/writeups-and-walkthroughs/thm/simple-ctf","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"Q2wmmYpJFaafDM4Aa3eg","title":"RootMe","pathname":"/writeups-and-walkthroughs/thm/rootme","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"BuL4UHpxp2isfXkDmPV6","title":"Eternal Blue","pathname":"/writeups-and-walkthroughs/thm/eternal-blue","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"Wr2yaj3cnJHSDYJfUkSS","title":"Vulnversity","pathname":"/writeups-and-walkthroughs/thm/vulnversity","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"7aZEy7HFMVzt0NDesreh","title":"Pickle Rick","pathname":"/writeups-and-walkthroughs/thm/pickle-rick","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"excwgMizrRYXCeRQsdvB","title":"Brooklyn Nine Nine","pathname":"/writeups-and-walkthroughs/thm/brooklyn-nine-nine","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"41CqlFWK1HscYRJ9q53s","title":"Kenobi","pathname":"/writeups-and-walkthroughs/thm/kenobi","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"VNYm5ipiJ6lcaQ1mYVdk","title":"Bounty Hacker","pathname":"/writeups-and-walkthroughs/thm/bounty-hacker","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"1aRXPBDSgRH32gf0EHd1","title":"Overpass","pathname":"/writeups-and-walkthroughs/thm/overpass","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"Tw7EESAnh0spcHyfvsIA","title":"LazyAdmin","pathname":"/writeups-and-walkthroughs/thm/lazyadmin","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"D1WflBV42oxskt2v3clf","title":"Ignite","pathname":"/writeups-and-walkthroughs/thm/ignite","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"B7lhrbqtYKQIhixYDYST","title":"Bolt","pathname":"/writeups-and-walkthroughs/thm/bolt","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"PqratlMG3w43z5dIAie6","title":"Agent Sudo","pathname":"/writeups-and-walkthroughs/thm/agent-sudo","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"tqlcFgvZNpixxH55Xiww","title":"Anonymous","pathname":"/writeups-and-walkthroughs/thm/anonymous","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"50nEXTiOPeiuUUPO69cM","title":"Startup","pathname":"/writeups-and-walkthroughs/thm/startup","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"7FdSS9CwPltJ4NkrS9KY","title":"Wgel","pathname":"/writeups-and-walkthroughs/thm/wgel","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"GZxWrWAzmH5P2alUSN92","title":"Lian_Yu","pathname":"/writeups-and-walkthroughs/thm/lian_yu","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"TlLRLPYcNoQxG2mCNlxn","title":"Blog","pathname":"/writeups-and-walkthroughs/thm/blog","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"AdkBdT5wu44ugEyLX8GN","title":"ColdBox","pathname":"/writeups-and-walkthroughs/thm/coldbox","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"2Rp7ZEyyvtDZ8W76apu3","title":"H4cked","pathname":"/writeups-and-walkthroughs/thm/h4cked","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"Oh0KLzA89CvmUo3xdGHm","title":"Smag Grotto","pathname":"/writeups-and-walkthroughs/thm/smag-grotto","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"vx0HWOhI9v6B9Eo5snF4","title":"Ice","pathname":"/writeups-and-walkthroughs/thm/ice","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"0hBb93YMUBRYwcc9l1tr","title":"Blaster","pathname":"/writeups-and-walkthroughs/thm/blaster","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"4MQkLJYBtiyUDOk5BcQB","title":"The Sticker Shop","pathname":"/writeups-and-walkthroughs/thm/the-sticker-shop","siteSpaceId":"sitesp_r8KMm","description":"https://tryhackme.com/room/thestickershop","breadcrumbs":[{"label":"THM"}]},{"id":"TjsXziOPgjunw3xVbCF3","title":"OWASP","pathname":"/writeups-and-walkthroughs/thm/owasp","siteSpaceId":"sitesp_r8KMm","emoji":"1f51f","description":"https://owasp.org/Top10/","breadcrumbs":[{"label":"THM"}]},{"id":"hdRlN4jJu90I9WnLUQTv","title":"Injection","pathname":"/writeups-and-walkthroughs/thm/owasp/injection","siteSpaceId":"sitesp_r8KMm","emoji":"0031-20e3","description":"","breadcrumbs":[{"label":"THM"},{"label":"OWASP","emoji":"1f51f"}]},{"id":"gc3euWKG8mtaRp4smwrL","title":"Active Directory Basics","pathname":"/writeups-and-walkthroughs/thm/active-directory-basics","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"THM"}]},{"id":"MoT2u9Vkmyf0DLeYUfx4","title":"AD: Basic Enumeration","pathname":"/writeups-and-walkthroughs/thm/ad-basic-enumeration","siteSpaceId":"sitesp_r8KMm","description":"https://tryhackme.com/room/adbasicenumeration","breadcrumbs":[{"label":"THM"}]},{"id":"CpaaGypFA5MpOM7qy9e2","title":"Enumerating Active Directory","pathname":"/writeups-and-walkthroughs/thm/enumerating-active-directory","siteSpaceId":"sitesp_r8KMm","description":"https://tryhackme.com/room/adenumeration","breadcrumbs":[{"label":"THM"}]},{"id":"2GvKnR02bCB2EmCvHwbo","title":"Breaching Active Directory","pathname":"/writeups-and-walkthroughs/thm/breaching-active-directory","siteSpaceId":"sitesp_r8KMm","description":"https://tryhackme.com/room/breachingad","breadcrumbs":[{"label":"THM"}]},{"id":"Wr6H2ldaEVB8eLTFBnyb","title":"Exploiting Active Directory","pathname":"/writeups-and-walkthroughs/thm/exploiting-active-directory","siteSpaceId":"sitesp_r8KMm","description":"https://tryhackme.com/room/exploitingad","breadcrumbs":[{"label":"THM"}]},{"id":"jr2mnqo8c7BFDk5o1bL7","title":"Attacking Kerberos","pathname":"/writeups-and-walkthroughs/thm/attacking-kerberos","siteSpaceId":"sitesp_r8KMm","description":"https://tryhackme.com/room/attackingkerberos","breadcrumbs":[{"label":"THM"}]},{"id":"rGGg0fPL2fxoHvCigVHw","title":"Attacktive Directory","pathname":"/writeups-and-walkthroughs/thm/attacktive-directory","siteSpaceId":"sitesp_r8KMm","description":"https://tryhackme.com/r/room/attacktivedirectory","breadcrumbs":[{"label":"THM"}]},{"id":"llb6tUpNxyM6JsN7cy5c","title":"Post-Exploitation Basics","pathname":"/writeups-and-walkthroughs/thm/post-exploitation-basics","siteSpaceId":"sitesp_r8KMm","description":"https://tryhackme.com/r/room/postexploit","breadcrumbs":[{"label":"THM"}]},{"id":"uT1y2Y8N2OQq5O5zHXun","title":"Lateral Movement and Pivoting","pathname":"/writeups-and-walkthroughs/thm/lateral-movement-and-pivoting","siteSpaceId":"sitesp_r8KMm","description":"https://tryhackme.com/room/lateralmovementandpivoting","breadcrumbs":[{"label":"THM"}]},{"id":"oGx1lm3YFncNVlZvoUTv","title":"HackTheBox","pathname":"/writeups-and-walkthroughs/hackthebox","siteSpaceId":"sitesp_r8KMm"},{"id":"UWSV0hyMv9f5M6i0Dhts","title":"Active","pathname":"/writeups-and-walkthroughs/hackthebox/active","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"HackTheBox"}]},{"id":"TIJhFZZJuHopIENFDpBg","title":"Devel","pathname":"/writeups-and-walkthroughs/hackthebox/devel","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"HackTheBox"}]},{"id":"iHk5YsL83fNFqovmjlgx","title":"Delivery","pathname":"/writeups-and-walkthroughs/hackthebox/delivery","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"HackTheBox"}]},{"id":"P6wgXMScwwhAuE1JmP8A","title":"Analytics","pathname":"/writeups-and-walkthroughs/hackthebox/analytics","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"HackTheBox"}]},{"id":"PXOlIseXZHQCpUsV1Wfb","title":"Bashed","pathname":"/writeups-and-walkthroughs/hackthebox/bashed","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"HackTheBox"}]},{"id":"yUTUk8RlHfEcgCXpLnlo","title":"Valentine","pathname":"/writeups-and-walkthroughs/hackthebox/valentine","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"HackTheBox"}]},{"id":"ZSUc4JLl4YThDIM0cTHh","title":"Sau","pathname":"/writeups-and-walkthroughs/hackthebox/sau","siteSpaceId":"sitesp_r8KMm","description":"https://www.hackthebox.com/machines/sau","breadcrumbs":[{"label":"HackTheBox"}]},{"id":"zFb4KW1Ql7eZXtFY9I0a","title":"Sunday","pathname":"/writeups-and-walkthroughs/hackthebox/sunday","siteSpaceId":"sitesp_r8KMm","description":"https://www.hackthebox.com/machines/sunday","breadcrumbs":[{"label":"HackTheBox"}]},{"id":"AB5QN243laBAgb0zV3Vl","title":"Cap","pathname":"/writeups-and-walkthroughs/hackthebox/cap","siteSpaceId":"sitesp_r8KMm","description":"https://www.hackthebox.com/machines/cap","breadcrumbs":[{"label":"HackTheBox"}]},{"id":"xa8neKynRoMzPremKJJX","title":"Bizness","pathname":"/writeups-and-walkthroughs/hackthebox/bizness","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"HackTheBox"}]},{"id":"dx7glSQPipuVto7B7vuc","title":"Chemistry %","pathname":"/writeups-and-walkthroughs/hackthebox/chemistry","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"HackTheBox"}]},{"id":"bS8a2Dai38MSyxCKHgQc","title":"Vulnhub","pathname":"/writeups-and-walkthroughs/vulnhub","siteSpaceId":"sitesp_r8KMm"},{"id":"3j9J866n5CpThGqgFlOO","title":"Brainpain (BoF)","pathname":"/writeups-and-walkthroughs/vulnhub/brainpain-bof","siteSpaceId":"sitesp_r8KMm","description":"https://www.vulnhub.com/entry/brainpan-1,51/","breadcrumbs":[{"label":"Vulnhub"}]},{"id":"g5RyAzKwb1b8Lj99F8Qs","title":"DockerLabs","pathname":"/writeups-and-walkthroughs/dockerlabs","siteSpaceId":"sitesp_r8KMm"},{"id":"Dea13tU3uPjlyCnqJ4Uq","title":"Trust","pathname":"/writeups-and-walkthroughs/dockerlabs/trust","siteSpaceId":"sitesp_r8KMm","breadcrumbs":[{"label":"DockerLabs"}]},{"id":"JaU6TF9R48dut1XnGP22","title":"Upload","pathname":"/writeups-and-walkthroughs/dockerlabs/upload","siteSpaceId":"sitesp_r8KMm","breadcrumbs":[{"label":"DockerLabs"}]},{"id":"3iEbXEj7LKw9hficqdSA","title":"Vacaciones","pathname":"/writeups-and-walkthroughs/dockerlabs/vacaciones","siteSpaceId":"sitesp_r8KMm","breadcrumbs":[{"label":"DockerLabs"}]},{"id":"EmtcnjNj2v4e1aU5r83h","title":"DVWA","pathname":"/writeups-and-walkthroughs/dvwa","siteSpaceId":"sitesp_r8KMm"},{"id":"PTGoYTWbuGsdNaHdHll0","title":"Install and configure DVWA","pathname":"/writeups-and-walkthroughs/dvwa/install-and-configure-dvwa","siteSpaceId":"sitesp_r8KMm","description":"https://github.com/digininja/DVWA","breadcrumbs":[{"label":"DVWA"}]},{"id":"gbmY0gT58DE6Piz0qvif","title":"Command Injection","pathname":"/writeups-and-walkthroughs/dvwa/command-injection","siteSpaceId":"sitesp_r8KMm","description":"http://localhost/DVWA/vulnerabilities/exec/","breadcrumbs":[{"label":"DVWA"}]},{"id":"7AWqhr7LHkhoju2dtWNq","title":"CSRF","pathname":"/writeups-and-walkthroughs/dvwa/csrf","siteSpaceId":"sitesp_r8KMm","description":"http://localhost/DVWA/vulnerabilities/csrf/","breadcrumbs":[{"label":"DVWA"}]},{"id":"mnXgfoyXoIGhFoj3ZPg6","title":"File Inclusion","pathname":"/writeups-and-walkthroughs/dvwa/file-inclusion","siteSpaceId":"sitesp_r8KMm","description":"http://localhost/DVWA/vulnerabilities/fi","breadcrumbs":[{"label":"DVWA"}]},{"id":"js9Gkf25oSuErQTTw3zh","title":"SQL Injection","pathname":"/writeups-and-walkthroughs/dvwa/sql-injection","siteSpaceId":"sitesp_r8KMm","description":"http://localhost/DVWA/vulnerabilities/sqli/","breadcrumbs":[{"label":"DVWA"}]},{"id":"OVtNWTPp5WFwWjW0Mf8d","title":"SQLi Blind","pathname":"/writeups-and-walkthroughs/dvwa/sqli-blind","siteSpaceId":"sitesp_r8KMm","description":"http://localhost/DVWA/vulnerabilities/sqli_blind/","breadcrumbs":[{"label":"DVWA"}]},{"id":"n8mX72gPkvvzAqLWL87V","title":"Mutillidae II","pathname":"/writeups-and-walkthroughs/mutillidae-ii","siteSpaceId":"sitesp_r8KMm"},{"id":"Pg54R0GXfFVYxbgL7zXI","title":"Install & configure OWASP Mutillidae II","pathname":"/writeups-and-walkthroughs/mutillidae-ii/install-and-configure-owasp-mutillidae-ii","siteSpaceId":"sitesp_r8KMm","description":"https://github.com/digininja/DVWA","breadcrumbs":[{"label":"Mutillidae II"}]},{"id":"zc7M5T75525nA3mfN7hU","title":"SQLi","pathname":"/writeups-and-walkthroughs/mutillidae-ii/sqli","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Mutillidae II"}]},{"id":"LGJaWnGcu1NyXViIuJX3","title":"SQLi Login Bypass","pathname":"/writeups-and-walkthroughs/mutillidae-ii/sqli/sqli-login-bypass","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Mutillidae II"},{"label":"SQLi"}]},{"id":"cfwKsT9hdjq2ihvXyLGD","title":"Extracting Data","pathname":"/writeups-and-walkthroughs/mutillidae-ii/sqli/extracting-data","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Mutillidae II"},{"label":"SQLi"}]},{"id":"AI7QpkBc1LFmFAx1Sbfy","title":"Finding Number of Columns","pathname":"/writeups-and-walkthroughs/mutillidae-ii/sqli/finding-number-of-columns","siteSpaceId":"sitesp_r8KMm","breadcrumbs":[{"label":"Mutillidae II"},{"label":"SQLi"}]},{"id":"DhqtnxnWPGfJ6IrNZWnX","title":"Pivoting with SQL injection","pathname":"/writeups-and-walkthroughs/mutillidae-ii/sqli/pivoting-with-sql-injection","siteSpaceId":"sitesp_r8KMm","breadcrumbs":[{"label":"Mutillidae II"},{"label":"SQLi"}]},{"id":"OzjJ9BAHwUalQGVoCROn","title":"Command Injection","pathname":"/writeups-and-walkthroughs/mutillidae-ii/command-injection","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Mutillidae II"}]},{"id":"uO7iZ6g9IHzpP3rCvcky","title":"Extracting User Accounts","pathname":"/writeups-and-walkthroughs/mutillidae-ii/command-injection/extracting-user-accounts","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Mutillidae II"},{"label":"Command Injection"}]},{"id":"VIJYJQvo18hHwMBFyc0I","title":"Web Shell","pathname":"/writeups-and-walkthroughs/mutillidae-ii/command-injection/web-shell","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Mutillidae II"},{"label":"Command Injection"}]},{"id":"OvX3V5T6Tezfg99J04jQ","title":"IDOR & File Inclusion","pathname":"/writeups-and-walkthroughs/mutillidae-ii/idor-and-file-inclusion","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Mutillidae II"}]},{"id":"1tvIrB0KyWO1I2ELDJZJ","title":"Edit Another User's Profile","pathname":"/writeups-and-walkthroughs/mutillidae-ii/idor-and-file-inclusion/edit-another-users-profile","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Mutillidae II"},{"label":"IDOR & File Inclusion"}]},{"id":"XHbotoj3FZ2DaAvMb6HU","title":"Extracting User Accounts","pathname":"/writeups-and-walkthroughs/mutillidae-ii/idor-and-file-inclusion/extracting-user-accounts","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Mutillidae II"},{"label":"IDOR & File Inclusion"}]},{"id":"mSRZ5D9mdA1Zes09Hler","title":"Extracting User Accounts with Local File Inclusion","pathname":"/writeups-and-walkthroughs/mutillidae-ii/idor-and-file-inclusion/extracting-user-accounts-with-local-file-inclusion","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Mutillidae II"},{"label":"IDOR & File Inclusion"}]},{"id":"GOR9Gs9wPrJZ17YTnfpn","title":"Web Shell with Remote File Inclusion (RFI)","pathname":"/writeups-and-walkthroughs/mutillidae-ii/idor-and-file-inclusion/web-shell-with-remote-file-inclusion-rfi","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Mutillidae II"},{"label":"IDOR & File Inclusion"}]},{"id":"PcLRkjEvcUPAGkYeNXDe","title":"XSS","pathname":"/writeups-and-walkthroughs/mutillidae-ii/xss","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Mutillidae II"}]},{"id":"jzZ3sIWz7QygP8OD5GEP","title":"XSS Reflected","pathname":"/writeups-and-walkthroughs/mutillidae-ii/xss/xss-reflected","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Mutillidae II"},{"label":"XSS"}]},{"id":"R1gRumnwWDjPC3fGRL5d","title":"XSS Stored","pathname":"/writeups-and-walkthroughs/mutillidae-ii/xss/xss-stored","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Mutillidae II"},{"label":"XSS"}]},{"id":"oAdwuRJmMtoOXe9SF9ms","title":"XSS DOM-Based","pathname":"/writeups-and-walkthroughs/mutillidae-ii/xss/xss-dom-based","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Mutillidae II"},{"label":"XSS"}]},{"id":"MMZa3GO89QXF8ufwX7V5","title":"Secure Bank","pathname":"/writeups-and-walkthroughs/secure-bank","siteSpaceId":"sitesp_r8KMm","description":"https://owasp.org/www-project-securebank/"},{"id":"Yh7sHItKLFSofeXG29xi","title":"Install & configure Secure Bank","pathname":"/writeups-and-walkthroughs/secure-bank/install-and-configure-secure-bank","siteSpaceId":"sitesp_r8KMm","description":"https://owasp.org/www-project-securebank/","breadcrumbs":[{"label":"Secure Bank"}]},{"id":"ZNtQ4LhNHbCkKbbBcBUv","title":"-----","pathname":"/writeups-and-walkthroughs/secure-bank/undefined","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Secure Bank"}]},{"id":"qAuuJ3jrPDhNowL29UlZ","title":"SQLi Login Bypass","pathname":"/writeups-and-walkthroughs/secure-bank/undefined/sqli-login-bypass","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Secure Bank"},{"label":"-----"}]},{"id":"w2a8s0hMpcFgvNvlOCSz","title":"Extracting Data","pathname":"/writeups-and-walkthroughs/secure-bank/undefined/extracting-data","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Secure Bank"},{"label":"-----"}]},{"id":"jR0Oa9t4PiwaJQpxMJ42","title":"Finding Number of Columns","pathname":"/writeups-and-walkthroughs/secure-bank/undefined/finding-number-of-columns","siteSpaceId":"sitesp_r8KMm","breadcrumbs":[{"label":"Secure Bank"},{"label":"-----"}]},{"id":"NEh1iUsmU6LPHKPDECun","title":"Pivoting with SQL injection","pathname":"/writeups-and-walkthroughs/secure-bank/undefined/pivoting-with-sql-injection","siteSpaceId":"sitesp_r8KMm","breadcrumbs":[{"label":"Secure Bank"},{"label":"-----"}]},{"id":"aYv0bGTTN82MLDDAeF19","title":"-----","pathname":"/writeups-and-walkthroughs/secure-bank/undefined-1","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Secure Bank"}]},{"id":"y1uSCbWWD8JFL9BYWME1","title":"Extracting User Accounts","pathname":"/writeups-and-walkthroughs/secure-bank/undefined-1/extracting-user-accounts","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Secure Bank"},{"label":"-----"}]},{"id":"5X0SfLyFDbez3ik2okmT","title":"Web Shell","pathname":"/writeups-and-walkthroughs/secure-bank/undefined-1/web-shell","siteSpaceId":"sitesp_r8KMm","description":"","breadcrumbs":[{"label":"Secure Bank"},{"label":"-----"}]},{"id":"nT6WNdcJQrOYA521Q8Dv","title":"PortSwigger - Web Security Academy","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy","siteSpaceId":"sitesp_r8KMm","description":"https://portswigger.net/web-security"},{"id":"uSHX1kLkK8BdMB3UCBd4","title":"Information Disclosure","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/information-disclosure","siteSpaceId":"sitesp_r8KMm","icon":"i","description":"https://portswigger.net/web-security/information-disclosure","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"}]},{"id":"2FDdEawQ4hhrIIsfMRVK","title":"Information disclosure vulnerabilities","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/information-disclosure/information-disclosure-vulnerabilities","siteSpaceId":"sitesp_r8KMm","icon":"1","description":"","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Information Disclosure","icon":"i"}]},{"id":"fP3VaRG2sz7OeHYC8IJm","title":"Common sources of information disclosure","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/information-disclosure/common-sources-of-information-disclosure","siteSpaceId":"sitesp_r8KMm","icon":"2","description":"","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Information Disclosure","icon":"i"}]},{"id":"xsGr8ShA6RNWkGzMFiRp","title":"Information disclosure in error messages","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/information-disclosure/common-sources-of-information-disclosure/information-disclosure-in-error-messages","siteSpaceId":"sitesp_r8KMm","icon":"flask-vial","description":"https://portswigger.net/web-security/information-disclosure/exploiting/lab-infoleak-in-error-messages","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Information Disclosure","icon":"i"},{"label":"Common sources of information disclosure","icon":"2"}]},{"id":"HkgzPnArlZOaKu2euev1","title":"Information disclosure on debug page","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/information-disclosure/common-sources-of-information-disclosure/information-disclosure-on-debug-page","siteSpaceId":"sitesp_r8KMm","icon":"vial-virus","description":"https://portswigger.net/web-security/information-disclosure/exploiting/lab-infoleak-on-debug-page","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Information Disclosure","icon":"i"},{"label":"Common sources of information disclosure","icon":"2"}]},{"id":"DvmVVWcp39VboF9sJHce","title":"Source code disclosure via backup files","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/information-disclosure/common-sources-of-information-disclosure/source-code-disclosure-via-backup-files","siteSpaceId":"sitesp_r8KMm","icon":"vial","description":"https://portswigger.net/web-security/information-disclosure/exploiting/lab-infoleak-via-backup-files","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Information Disclosure","icon":"i"},{"label":"Common sources of information disclosure","icon":"2"}]},{"id":"RY0Apnq8nXKjYBXE1HpA","title":"Authentication bypass via information disclosure","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/information-disclosure/common-sources-of-information-disclosure/authentication-bypass-via-information-disclosure","siteSpaceId":"sitesp_r8KMm","icon":"vials","description":"https://portswigger.net/web-security/information-disclosure/exploiting/lab-infoleak-authentication-bypass","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Information Disclosure","icon":"i"},{"label":"Common sources of information disclosure","icon":"2"}]},{"id":"vxZiwjj1l2ZNCRramAoB","title":"Information disclosure in version control history","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/information-disclosure/common-sources-of-information-disclosure/information-disclosure-in-version-control-history","siteSpaceId":"sitesp_r8KMm","icon":"flask","description":"https://portswigger.net/web-security/information-disclosure/exploiting/lab-infoleak-in-version-control-history","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Information Disclosure","icon":"i"},{"label":"Common sources of information disclosure","icon":"2"}]},{"id":"aecrdxe6876KmgNf8N5K","title":"Essential skills","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/essential-skills","siteSpaceId":"sitesp_r8KMm","icon":"e","description":"https://portswigger.net/web-security/essential-skills","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"}]},{"id":"FMS0BIGngptZeBY24IgQ","title":"Obfuscating attacks using encodings","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/essential-skills/obfuscating-attacks-using-encodings","siteSpaceId":"sitesp_r8KMm","icon":"1","description":"","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Essential skills","icon":"e"}]},{"id":"B9JOUjKijdI6QjE36uq8","title":"SQL injection with filter bypass via XML encoding","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/essential-skills/obfuscating-attacks-using-encodings/sql-injection-with-filter-bypass-via-xml-encoding","siteSpaceId":"sitesp_r8KMm","icon":"flask-vial","description":"https://portswigger.net/web-security/sql-injection/lab-sql-injection-with-filter-bypass-via-xml-encoding","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Essential skills","icon":"e"},{"label":"Obfuscating attacks using encodings","icon":"1"}]},{"id":"L7n9uIb6NmW3tuj7ek5N","title":"Using Burp Scanner","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/essential-skills/using-burp-scanner","siteSpaceId":"sitesp_r8KMm","icon":"2","description":"https://portswigger.net/web-security/essential-skills/using-burp-scanner-during-manual-testing","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Essential skills","icon":"e"}]},{"id":"WXDrPRHvf9s6TUyqo8q1","title":"Identifying unknown vulnerabilities","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/essential-skills/identifying-unknown-vulnerabilities","siteSpaceId":"sitesp_r8KMm","icon":"3","description":"https://portswigger.net/web-security/essential-skills#identifying-unknown-vulnerabilities","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Essential skills","icon":"e"}]},{"id":"bAaTeKbIrCXhFELsGsSl","title":"Server-side vulnerabilities","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities","siteSpaceId":"sitesp_r8KMm","icon":"s","description":"","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"}]},{"id":"a8NpgR5CZTrVwEEMlMss","title":"Path traversal","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/path-traversal","siteSpaceId":"sitesp_r8KMm","icon":"p","description":"https://portswigger.net/web-security/learning-paths/server-side-vulnerabilities-apprentice/path-traversal-apprentice/file-path-traversal/what-is-path-traversal","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"}]},{"id":"7aEoWGgcl7CMupLcCE9t","title":"File path traversal, simple case","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/path-traversal/file-path-traversal-simple-case","siteSpaceId":"sitesp_r8KMm","icon":"flask-vial","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"},{"label":"Path traversal","icon":"p"}]},{"id":"avzLTKOp3gvnRH1Sz9jV","title":"Access control","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/access-control","siteSpaceId":"sitesp_r8KMm","icon":"a","description":"https://portswigger.net/web-security/learning-paths/server-side-vulnerabilities-apprentice/access-control-apprentice/access-control/what-is-access-control","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"}]},{"id":"KHZuNLrvbgVpJW3sCH5J","title":"Unprotected admin functionality","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/access-control/unprotected-admin-functionality","siteSpaceId":"sitesp_r8KMm","icon":"vial-virus","description":"https://portswigger.net/web-security/learning-paths/server-side-vulnerabilities-apprentice/access-control-apprentice/access-control/lab-unprotected-admin-functionality","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"},{"label":"Access control","icon":"a"}]},{"id":"ekXgIDNFMMnGMZdomQFC","title":"Unprotected admin functionality with unpredictable URL","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/access-control/unprotected-admin-functionality-with-unpredictable-url","siteSpaceId":"sitesp_r8KMm","icon":"vial-virus","description":"https://portswigger.net/web-security/learning-paths/server-side-vulnerabilities-apprentice/access-control-apprentice/access-control/lab-unprotected-admin-functionality-with-unpredictable-url","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"},{"label":"Access control","icon":"a"}]},{"id":"B8fGFqBiaiTs70kPmTr5","title":"User role controlled by request parameter","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/access-control/user-role-controlled-by-request-parameter","siteSpaceId":"sitesp_r8KMm","icon":"vial-virus","description":"https://portswigger.net/web-security/learning-paths/server-side-vulnerabilities-apprentice/access-control-apprentice/access-control/lab-user-role-controlled-by-request-parameter","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"},{"label":"Access control","icon":"a"}]},{"id":"I7yqydxjX4cWCUo1UBiw","title":"User ID controlled by request parameter, with unpredictable user IDs","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/access-control/user-id-controlled-by-request-parameter-with-unpredictable-user-ids","siteSpaceId":"sitesp_r8KMm","icon":"vial-virus","description":"","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"},{"label":"Access control","icon":"a"}]},{"id":"GadmuN3VsyhXXFUVgq8M","title":"User ID controlled by request parameter with password disclosure","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/access-control/user-id-controlled-by-request-parameter-with-password-disclosure","siteSpaceId":"sitesp_r8KMm","icon":"vial-virus","description":"https://portswigger.net/web-security/access-control/lab-user-id-controlled-by-request-parameter-with-password-disclosure","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"},{"label":"Access control","icon":"a"}]},{"id":"sciewR9M9kSsaMNfTwyX","title":"Authentication","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/authentication","siteSpaceId":"sitesp_r8KMm","icon":"a","description":"https://portswigger.net/web-security/learning-paths/server-side-vulnerabilities-apprentice/authentication-apprentice/authentication/authentication-vulnerabilities","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"}]},{"id":"gYPczh3KG8Ukt8FAYc5k","title":"Username enumeration via different responses","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/authentication/username-enumeration-via-different-responses","siteSpaceId":"sitesp_r8KMm","icon":"vial-virus","description":"https://portswigger.net/web-security/learning-paths/server-side-vulnerabilities-apprentice/authentication-apprentice/authentication/password-based/lab-username-enumeration-via-different-responses","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"},{"label":"Authentication","icon":"a"}]},{"id":"jrIiWHHg7gv2ZBBM1EL1","title":"2FA simple bypass","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/authentication/2fa-simple-bypass","siteSpaceId":"sitesp_r8KMm","icon":"vial-virus","description":"https://portswigger.net/web-security/learning-paths/server-side-vulnerabilities-apprentice/authentication-apprentice/authentication/multi-factor/lab-2fa-simple-bypass","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"},{"label":"Authentication","icon":"a"}]},{"id":"Pl85QzhmHMOQO0zomdgY","title":"Server-side request forgery (SSRF)","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/server-side-request-forgery-ssrf","siteSpaceId":"sitesp_r8KMm","icon":"a","description":"","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"}]},{"id":"j0YwrOA7HtDbBVmEFKQf","title":"Basic SSRF against the local server","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/server-side-request-forgery-ssrf/basic-ssrf-against-the-local-server","siteSpaceId":"sitesp_r8KMm","icon":"vial-virus","description":"https://portswigger.net/web-security/learning-paths/server-side-vulnerabilities-apprentice/ssrf-apprentice/ssrf/lab-basic-ssrf-against-localhost","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"},{"label":"Server-side request forgery (SSRF)","icon":"a"}]},{"id":"wqZOGDCoCwRYphs9mZct","title":"Basic SSRF against another back-end system","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/server-side-request-forgery-ssrf/basic-ssrf-against-another-back-end-system","siteSpaceId":"sitesp_r8KMm","icon":"vial-virus","description":"https://portswigger.net/web-security/learning-paths/server-side-vulnerabilities-apprentice/ssrf-apprentice/ssrf/lab-basic-ssrf-against-backend-system","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"},{"label":"Server-side request forgery (SSRF)","icon":"a"}]},{"id":"dS8tGGQJdBWJX6QA6YMk","title":"File upload vulnerabilities","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/file-upload-vulnerabilities","siteSpaceId":"sitesp_r8KMm","icon":"f","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"}]},{"id":"NDbYubAMOfL3TfUM7QMO","title":"Remote code execution via web shell upload","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/file-upload-vulnerabilities/remote-code-execution-via-web-shell-upload","siteSpaceId":"sitesp_r8KMm","icon":"flask-vial","description":"https://portswigger.net/web-security/learning-paths/server-side-vulnerabilities-apprentice/file-upload-apprentice/file-upload/lab-file-upload-remote-code-execution-via-web-shell-upload","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"},{"label":"File upload vulnerabilities","icon":"f"}]},{"id":"sIR3O2GzJPGQBoJpb7IK","title":"Web shell upload via Content-Type restriction bypass","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/file-upload-vulnerabilities/web-shell-upload-via-content-type-restriction-bypass","siteSpaceId":"sitesp_r8KMm","icon":"flask-vial","description":"https://portswigger.net/web-security/learning-paths/server-side-vulnerabilities-apprentice/file-upload-apprentice/file-upload/lab-file-upload-remote-code-execution-via-web-shell-upload","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"},{"label":"File upload vulnerabilities","icon":"f"}]},{"id":"z518OZVQeq4zPeipWY84","title":"OS Command Injection","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/os-command-injection","siteSpaceId":"sitesp_r8KMm","icon":"o","description":"https://portswigger.net/web-security/learning-paths/server-side-vulnerabilities-apprentice/os-command-injection-apprentice/os-command-injection/what-is-os-command-injection","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"}]},{"id":"8OlrZtVm9N6G8T7JvQ3D","title":"OS command injection, simple case","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/os-command-injection/os-command-injection-simple-case","siteSpaceId":"sitesp_r8KMm","icon":"vial-virus","description":"https://portswigger.net/web-security/learning-paths/server-side-vulnerabilities-apprentice/os-command-injection-apprentice/os-command-injection/lab-simple","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"},{"label":"OS Command Injection","icon":"o"}]},{"id":"ktH5Y0PvgXH4CGT1e4yj","title":"SQL injection","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/sql-injection","siteSpaceId":"sitesp_r8KMm","icon":"s","description":"https://portswigger.net/web-security/learning-paths/server-side-vulnerabilities-apprentice/sql-injection-apprentice/sql-injection/what-is-sql-injection-sqli","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"}]},{"id":"IEx0e4osyz7MNgDB5yOA","title":"SQL injection vulnerability in WHERE clause allowing retrieval of hidden data","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/sql-injection/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data","siteSpaceId":"sitesp_r8KMm","icon":"vial-virus","description":"https://portswigger.net/web-security/learning-paths/server-side-vulnerabilities-apprentice/sql-injection-apprentice/sql-injection/lab-retrieve-hidden-data","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"},{"label":"SQL injection","icon":"s"}]},{"id":"4jaxXrlvK0UDhd6rb3M5","title":"SQL injection vulnerability allowing login bypass","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/server-side-vulnerabilities/sql-injection/sql-injection-vulnerability-allowing-login-bypass","siteSpaceId":"sitesp_r8KMm","icon":"vial-virus","description":"https://portswigger.net/web-security/learning-paths/server-side-vulnerabilities-apprentice/sql-injection-apprentice/sql-injection/lab-login-bypass","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Server-side vulnerabilities","icon":"s"},{"label":"SQL injection","icon":"s"}]},{"id":"2b1LrCsq0YluMrvNeBMB","title":"JWT Attacks","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/jwt-attacks","siteSpaceId":"sitesp_r8KMm","icon":"j","description":"http://portswigger.net/web-security/jwt","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"}]},{"id":"fWBllRQNLEXbPa2Q2RDj","title":"Json Web Tokens (JWT)","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/jwt-attacks/json-web-tokens-jwt","siteSpaceId":"sitesp_r8KMm","icon":"1","description":"","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"JWT Attacks","icon":"j"}]},{"id":"f1gfzaTm7MptB17Kpwee","title":"Exploiting JWT","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/jwt-attacks/exploiting-jwt","siteSpaceId":"sitesp_r8KMm","icon":"2","description":"","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"JWT Attacks","icon":"j"}]},{"id":"EiC4fvvjYFtiAlk4gtqk","title":"JWT authentication bypass via unverified signature","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/jwt-attacks/exploiting-jwt/jwt-authentication-bypass-via-unverified-signature","siteSpaceId":"sitesp_r8KMm","icon":"flask-vial","description":"https://portswigger.net/web-security/jwt/lab-jwt-authentication-bypass-via-unverified-signature","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"JWT Attacks","icon":"j"},{"label":"Exploiting JWT","icon":"2"}]},{"id":"PoTjLDG9DarREb7FyS9l","title":"JWT authentication bypass via flawed signature verification","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/jwt-attacks/exploiting-jwt/jwt-authentication-bypass-via-flawed-signature-verification","siteSpaceId":"sitesp_r8KMm","icon":"vial-virus","description":"https://portswigger.net/web-security/jwt/lab-jwt-authentication-bypass-via-flawed-signature-verification","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"JWT Attacks","icon":"j"},{"label":"Exploiting JWT","icon":"2"}]},{"id":"BGBUfxJ9xZv0xJ3CNzvh","title":"JWT authentication bypass via weak signing key","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/jwt-attacks/exploiting-jwt/jwt-authentication-bypass-via-weak-signing-key","siteSpaceId":"sitesp_r8KMm","icon":"vial","description":"https://portswigger.net/web-security/jwt/lab-jwt-authentication-bypass-via-weak-signing-key","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"JWT Attacks","icon":"j"},{"label":"Exploiting JWT","icon":"2"}]},{"id":"Ic3bWFXQg8cSZX2fkTb4","title":"To-Do","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/jwt-attacks/exploiting-jwt/to-do","siteSpaceId":"sitesp_r8KMm","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"JWT Attacks","icon":"j"},{"label":"Exploiting JWT","icon":"2"}]},{"id":"oEMMMCvahOlkmA1QM2BX","title":"JWT authentication bypass via jwk header injection - %","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/jwt-attacks/exploiting-jwt/to-do/jwt-authentication-bypass-via-jwk-header-injection","siteSpaceId":"sitesp_r8KMm","icon":"vials","description":"https://portswigger.net/web-security/jwt/lab-jwt-authentication-bypass-via-jwk-header-injection","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"JWT Attacks","icon":"j"},{"label":"Exploiting JWT","icon":"2"},{"label":"To-Do"}]},{"id":"GwVrruYlXnqicZsm9DqW","title":"JWT authentication bypass via jku header injection - %","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/jwt-attacks/exploiting-jwt/to-do/jwt-authentication-bypass-via-jku-header-injection","siteSpaceId":"sitesp_r8KMm","icon":"flask","description":"https://portswigger.net/web-security/jwt/lab-jwt-authentication-bypass-via-jku-header-injection","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"JWT Attacks","icon":"j"},{"label":"Exploiting JWT","icon":"2"},{"label":"To-Do"}]},{"id":"iei3yTwTf8Of1gcwQ8UI","title":"JWT authentication bypass via kid header path traversal - %","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/jwt-attacks/exploiting-jwt/to-do/jwt-authentication-bypass-via-kid-header-path-traversal","siteSpaceId":"sitesp_r8KMm","icon":"flask-vial","description":"https://portswigger.net/web-security/jwt/lab-jwt-authentication-bypass-via-kid-header-path-traversal","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"JWT Attacks","icon":"j"},{"label":"Exploiting JWT","icon":"2"},{"label":"To-Do"}]},{"id":"DSG3AbEGVTk8HTtJoicb","title":"API Testing","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/api-testing","siteSpaceId":"sitesp_r8KMm","icon":"a","description":"https://portswigger.net/web-security/api-testing","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"}]},{"id":"wE6E3VrypENVd6sWjMqP","title":"API Testing","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/api-testing/api-testing","siteSpaceId":"sitesp_r8KMm","icon":"1","description":"","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"API Testing","icon":"a"}]},{"id":"GF4zYaKunZcmg9b9X8UT","title":"Exploiting an API endpoint using documentation","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/api-testing/api-testing/exploiting-an-api-endpoint-using-documentation","siteSpaceId":"sitesp_r8KMm","icon":"flask-vial","description":"https://portswigger.net/web-security/api-testing/lab-exploiting-api-endpoint-using-documentation","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"API Testing","icon":"a"},{"label":"API Testing","icon":"1"}]},{"id":"QdPf3gksWcw6nFGe4ymb","title":"Finding and exploiting an unused API endpoint","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/api-testing/api-testing/finding-and-exploiting-an-unused-api-endpoint","siteSpaceId":"sitesp_r8KMm","icon":"vial-virus","description":"https://portswigger.net/web-security/api-testing/lab-exploiting-unused-api-endpoint","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"API Testing","icon":"a"},{"label":"API Testing","icon":"1"}]},{"id":"iQvelVRkeEEX9cQSGq9L","title":"Exploiting a mass assignment vulnerability","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/api-testing/api-testing/exploiting-a-mass-assignment-vulnerability","siteSpaceId":"sitesp_r8KMm","icon":"vial","description":"https://portswigger.net/web-security/learning-paths/api-testing/api-testing-mass-assignment-vulnerabilities/api-testing/lab-exploiting-mass-assignment-vulnerability","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"API Testing","icon":"a"},{"label":"API Testing","icon":"1"}]},{"id":"qI3eCLstzlrZMgjhl1Gs","title":"Server-side parameter pollution","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/api-testing/server-side-parameter-pollution","siteSpaceId":"sitesp_r8KMm","icon":"2","description":"","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"API Testing","icon":"a"}]},{"id":"vi0BaC6uqGKuXJkRCCpm","title":"Exploiting server-side parameter pollution in a query string","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/api-testing/server-side-parameter-pollution/exploiting-server-side-parameter-pollution-in-a-query-string","siteSpaceId":"sitesp_r8KMm","icon":"flask-vial","description":"https://portswigger.net/web-security/learning-paths/api-testing/api-testing-testing-for-server-side-parameter-pollution-in-the-query-string/api-testing/server-side-parameter-pollution/lab-exploiting-s","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"API Testing","icon":"a"},{"label":"Server-side parameter pollution","icon":"2"}]},{"id":"A4yI3VU8iUSmy1yIwDwl","title":"Deserialization Insecure","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/deserialization-insecure","siteSpaceId":"sitesp_r8KMm","icon":"d","description":"https://portswigger.net/web-security/deserialization","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"}]},{"id":"mhYuk9f4nRyMpZislC3D","title":"Serialization vs Deserialization","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/deserialization-insecure/serialization-vs-deserialization","siteSpaceId":"sitesp_r8KMm","icon":"1","description":"https://portswigger.net/web-security/deserialization#what-is-serialization","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Deserialization Insecure","icon":"d"}]},{"id":"3qCbrYHRqEl2ayuttpVL","title":"Lab","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/deserialization-insecure/serialization-vs-deserialization/lab","siteSpaceId":"sitesp_r8KMm","icon":"flask-vial","description":"https://portswigger.net/web-security/api-testing/lab-exploiting-api-endpoint-using-documentation","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Deserialization Insecure","icon":"d"},{"label":"Serialization vs Deserialization","icon":"1"}]},{"id":"4pQTaCWZ5BEmkdjUoXGr","title":"Lab","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/deserialization-insecure/serialization-vs-deserialization/lab-1","siteSpaceId":"sitesp_r8KMm","icon":"flask-vial","description":"https://portswigger.net/web-security/api-testing/server-side-parameter-pollution/lab-exploiting-server-side-parameter-pollution-in-query-string","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Deserialization Insecure","icon":"d"},{"label":"Serialization vs Deserialization","icon":"1"}]},{"id":"wBieot08LzdseFsxxr90","title":"Java Insecure Deserialization","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/deserialization-insecure/java-insecure-deserialization","siteSpaceId":"sitesp_r8KMm","icon":"2","description":"https://portswigger.net/web-security/deserialization/exploiting#java-serialization-format","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Deserialization Insecure","icon":"d"}]},{"id":"MjgulvPgAWMn67YtRSQt","title":"Lab","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/deserialization-insecure/java-insecure-deserialization/lab","siteSpaceId":"sitesp_r8KMm","icon":"flask-vial","description":"https://portswigger.net/web-security/api-testing/lab-exploiting-api-endpoint-using-documentation","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Deserialization Insecure","icon":"d"},{"label":"Java Insecure Deserialization","icon":"2"}]},{"id":"vRvNW9F2hCoUv6vUW2qt","title":"Lab","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/deserialization-insecure/java-insecure-deserialization/lab-1","siteSpaceId":"sitesp_r8KMm","icon":"flask-vial","description":"https://portswigger.net/web-security/api-testing/server-side-parameter-pollution/lab-exploiting-server-side-parameter-pollution-in-query-string","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Deserialization Insecure","icon":"d"},{"label":"Java Insecure Deserialization","icon":"2"}]},{"id":"Uf8xxjTPM1LPdWEXPMH5","title":"PHP Insecure Deserialization","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/deserialization-insecure/php-insecure-deserialization","siteSpaceId":"sitesp_r8KMm","icon":"3","description":"https://portswigger.net/web-security/deserialization/exploiting#php-serialization-format","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Deserialization Insecure","icon":"d"}]},{"id":"vJRL8z4wgJaJPBD6DD1F","title":"Lab","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/deserialization-insecure/php-insecure-deserialization/lab","siteSpaceId":"sitesp_r8KMm","icon":"flask-vial","description":"https://portswigger.net/web-security/api-testing/lab-exploiting-api-endpoint-using-documentation","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Deserialization Insecure","icon":"d"},{"label":"PHP Insecure Deserialization","icon":"3"}]},{"id":"Hr6oZ4vexoehmxwkXBij","title":"Lab","pathname":"/writeups-and-walkthroughs/portswigger-web-security-academy/deserialization-insecure/php-insecure-deserialization/lab-1","siteSpaceId":"sitesp_r8KMm","icon":"flask-vial","description":"https://portswigger.net/web-security/api-testing/server-side-parameter-pollution/lab-exploiting-server-side-parameter-pollution-in-query-string","breadcrumbs":[{"label":"PortSwigger - Web Security Academy"},{"label":"Deserialization Insecure","icon":"d"},{"label":"PHP Insecure Deserialization","icon":"3"}]},{"id":"2QFV3LlwFux59HlthRiM","title":"HomeMade Labs","pathname":"/writeups-and-walkthroughs/homemade-labs","siteSpaceId":"sitesp_r8KMm","description":""},{"id":"NbT7eaQBiDxeoeMMjigB","title":"Active Directory","pathname":"/writeups-and-walkthroughs/homemade-labs/active-directory","siteSpaceId":"sitesp_r8KMm","icon":"folder-tree","breadcrumbs":[{"label":"HomeMade Labs"}]},{"id":"iMX6dUc2wbdBhMXUUt84","title":"AD Enumeration","pathname":"/writeups-and-walkthroughs/homemade-labs/active-directory/ad-enumeration","siteSpaceId":"sitesp_r8KMm","icon":"input-numeric","description":"https://dev-angelist.gitbook.io/home/active-directory/ad-enumeration","breadcrumbs":[{"label":"HomeMade Labs"},{"label":"Active Directory","icon":"folder-tree"}]},{"id":"EE5OYym1meHCIKLQoYax","title":"SMB Common Attacks","pathname":"/writeups-and-walkthroughs/homemade-labs/active-directory/smb-common-attacks","siteSpaceId":"sitesp_r8KMm","icon":"album-collection-circle-user","breadcrumbs":[{"label":"HomeMade Labs"},{"label":"Active Directory","icon":"folder-tree"}]},{"id":"ozglMHF1L4b858MOhHyO","title":"Pivoting","pathname":"/writeups-and-walkthroughs/homemade-labs/pivoting","siteSpaceId":"sitesp_r8KMm","icon":"stack-overflow","breadcrumbs":[{"label":"HomeMade Labs"}]},{"id":"fUORIhuVkEw1GssfFiXc","title":"Buffer Overflow (BoF)","pathname":"/writeups-and-walkthroughs/homemade-labs/buffer-overflow-bof","siteSpaceId":"sitesp_r8KMm","icon":"stack-overflow","breadcrumbs":[{"label":"HomeMade Labs"}]},{"id":"aaZocrtqX17YmBFeysWH","title":"Brainpain (BoF Lab)","pathname":"/writeups-and-walkthroughs/homemade-labs/buffer-overflow-bof/brainpain-bof-lab","siteSpaceId":"sitesp_r8KMm","icon":"flask-gear","description":"https://www.vulnhub.com/entry/brainpan-1,51/","breadcrumbs":[{"label":"HomeMade Labs"},{"label":"Buffer Overflow (BoF)","icon":"stack-overflow"}]}]}