Preview Image

CSRF where token validation depends on token being present

Laboratorio de Portswigger sobre CSRF

Mar 7, 2025 Portswigger Labs, CSRF

Preview Image

CSRF where token validation depends on request method

Laboratorio de Portswigger sobre CSRF

Mar 7, 2025 Portswigger Labs, CSRF

Preview Image

CSRF vulnerability with no defenses

Laboratorio de Portswigger sobre CSRF

Mar 7, 2025 Portswigger Labs, CSRF

Preview Image

Exploiting NoSQL operator injection to extract unknown fields

Laboratorio de Portswigger sobre NoSQLI

Mar 4, 2025 Portswigger Labs, NoSQLI

Preview Image

Exploiting NoSQL injection to extract data

Laboratorio de Portswigger sobre NoSQLI

Mar 3, 2025 Portswigger Labs, NoSQLI

Preview Image

Exploiting NoSQL operator injection to bypass authentication

Laboratorio de Portswigger sobre NoSQLI

Mar 2, 2025 Portswigger Labs, NoSQLI

Preview Image

Detecting NoSQL injection

Laboratorio de Portswigger sobre NoSQLI

Mar 1, 2025 Portswigger Labs, NoSQLI

Preview Image

Bypassing GraphQL brute force protections

Laboratorio de Portswigger sobre GraphQL API Vulnerabilities

Feb 28, 2025 Portswigger Labs, GraphQL API Vulnerabilities

Preview Image

Finding a hidden GraphQL endpoint

Laboratorio de Portswigger sobre GraphQL API Vulnerabilities

Feb 27, 2025 Portswigger Labs, GraphQL API Vulnerabilities

Preview Image

Accidental exposure of private GraphQL fields

Laboratorio de Portswigger sobre GraphQL API Vulnerabilities

Feb 26, 2025 Portswigger Labs, GraphQL API Vulnerabilities