oldlamb

Setting Up GoPhish for Anonymous Phishing in 2024 (Well, almost anonymous...)

Setting Up GoPhish for Anonymous Phishing in 2024 (Well, almost anonymous...)
CPSA Mastery: Part 1 - Soft Skills & Core Technical Skills Aligned with CREST

CPSA Mastery: Part 1 - Soft Skills & Core Technical Skills Aligned with CREST
Lab: Limit overrun race conditions

Lab: Limit overrun race conditions
Linux Fundamentals (The Shell, Workflow)

Linux Fundamentals (The Shell, Workflow)
Practice exam: App 2

Practice exam: App 2
Lab: CORS vulnerability with trusted insecure protocols

Lab: CORS vulnerability with trusted insecure protocols
Lab: CORS vulnerability with trusted null origin

Lab: CORS vulnerability with trusted null origin
Lab: CORS vulnerability with basic origin reflection

Lab: CORS vulnerability with basic origin reflection
ATutor Authentication Bypass and RCE (Gaining Remote Code Execution - 3.10.6)

ATutor Authentication Bypass and RCE (Gaining Remote Code Execution - 3.10.6)
ATutor Authentication Bypass and RCE (Gaining Remote Code Execution - 3.10.5)

ATutor Authentication Bypass and RCE (Gaining Remote Code Execution - 3.10.5)
File Inclusion

File Inclusion
SQL Injection Fundamentals

SQL Injection Fundamentals
JavaScript Deobfuscation

JavaScript Deobfuscation
Attacking Web Applications with Ffuf

Attacking Web Applications with Ffuf
ATutor Authentication Bypass and RCE (Bypassing File Upload Restrictions - 3.9.1)

ATutor Authentication Bypass and RCE (Bypassing File Upload Restrictions - 3.9.1)
Lab: JWT authentication bypass via algorithm confusion

Lab: JWT authentication bypass via algorithm confusion
Lab: JWT authentication bypass via jku header injection

Lab: JWT authentication bypass via jku header injection
Lab: JWT authentication bypass via algorithm confusion with no exposed key

Lab: JWT authentication bypass via algorithm confusion with no exposed key
Lab: JWT authentication bypass via kid header path traversal

Lab: JWT authentication bypass via kid header path traversal
Lab: JWT authentication bypass via jwk header injection

Lab: JWT authentication bypass via jwk header injection
Lab: JWT authentication bypass via weak signing key

Lab: JWT authentication bypass via weak signing key
Lab: JWT authentication bypass via flawed signature verification

Lab: JWT authentication bypass via flawed signature verification
Lab: JWT authentication bypass via unverified signature

Lab: JWT authentication bypass via unverified signature
Introduction to Web Applications

Introduction to Web Applications
ATutor Authentication Bypass and RCE (Authentication Gone Bad - 3.8.1)

ATutor Authentication Bypass and RCE (Authentication Gone Bad - 3.8.1)
ATutor Authentication Bypass and RCE (Subverting the ATutor Authentication - 3.7.1 - 3.7.2)

ATutor Authentication Bypass and RCE (Subverting the ATutor Authentication - 3.7.1 - 3.7.2)
ATutor Authentication Bypass and RCE (Data Exfiltration - 3.6.4)

ATutor Authentication Bypass and RCE (Data Exfiltration - 3.6.4)
ATutor Authentication Bypass and RCE (Data Exfiltration - 3.6.3)

ATutor Authentication Bypass and RCE (Data Exfiltration - 3.6.3)
ATutor Authentication Bypass and RCE (Initial Vulnerability Discovery - 3.3.1)

ATutor Authentication Bypass and RCE (Initial Vulnerability Discovery - 3.3.1)
Web Requests

Web Requests