Preview Image

Accessing private GraphQL posts

Laboratorio de Portswigger sobre GraphQL API Vulnerabilities

Feb 26, 2025 Portswigger Labs, GraphQL API Vulnerabilities

Preview Image

Authentication bypass via encryption oracle

Laboratorio de Portswigger sobre Business Logic Vulnerabilities

Feb 24, 2025 Portswigger Labs, Business Logic Vulnerabilities

Preview Image

Infinite money logic flaw

Laboratorio de Portswigger sobre Business Logic Vulnerabilities

Feb 22, 2025 Portswigger Labs, Business Logic Vulnerabilities

Preview Image

Authentication bypass via flawed state machine

Laboratorio de Portswigger sobre Business Logic Vulnerabilities

Feb 22, 2025 Portswigger Labs, Business Logic Vulnerabilities

Preview Image

Insufficient workflow validation

Laboratorio de Portswigger sobre Business Logic Vulnerabilities

Feb 20, 2025 Portswigger Labs, Business Logic Vulnerabilities

Preview Image

Weak isolation on dual-use endpoint

Laboratorio de Portswigger sobre Business Logic Vulnerabilities

Feb 20, 2025 Portswigger Labs, Business Logic Vulnerabilities

Preview Image

Inconsistent handling of exceptional input

Laboratorio de Portswigger sobre Business Logic Vulnerabilities

Feb 20, 2025 Portswigger Labs, Business Logic Vulnerabilities

Preview Image

Low-level logic flaw

Laboratorio de Portswigger sobre Business Logic Vulnerabilities

Feb 20, 2025 Portswigger Labs, Business Logic Vulnerabilities

Preview Image

Manipulating the WebSocket handshake to exploit vulnerabilities

Laboratorio de Portswigger sobre WebSocket Attacks

Feb 19, 2025 Portswigger Labs, WebSocket Attacks

Preview Image

Cross-site WebSocket hijacking

Laboratorio de Portswigger sobre WebSocket Attacks

Feb 19, 2025 Portswigger Labs, WebSocket Attacks