Skip to content

raj-71/portswigger-notes

BranchesTags

Repository files navigation

Write-up PortSwigger Web Security Academy

Status

ID Topic Apprentice Practitioner Expert
Server-side topics
01 SQL injection ✔️ 2/2 ✔️ 16/16 -
02 Authentication ✖️ 0/3 ✖️ 0/9 ✖️ 0/2
03 Path traversal ✔️ 1/1 ✔️ 5/5 -
04 Command inection ✖️ 0/1 ✖️ 0/4 -
05 Business logic vulnerabilities ✖️ 0/4 ✖️ 0/7 ✖️ 0/1
06 Information disclosure ✖️ 0/4 ✖️ 0/1 -
07 Access control ✖️ 0/9 ✖️ 0/4 -
08 File upload vulnerabilities ✖️ 0/2 ✖️ 0/4 ✖️ 0/1
09 Race conditions ✖️ 0/1 ✖️ 0/4 ✖️ 0/1
10 Server-side request forgery (SSRF) ✖️ 0/2 ✖️ 0/3 ✖️ 0/2
11 XXE injection ✖️ 0/2 ✖️ 0/6 ✖️ 0/1
12 NoSQL Injection ✔️ 2/2 ✔️ 2/2 -
13 API Testing ✔️ 1/1 ✔️ 3/3 ✔️ 1/1
14 Web cache deception ✖️ 0/1 ✖️ 0/3 ✖️ 0/1
Client-side topics
15 Cross-site scripting (XSS) ✖️ 0/9 ✖️ 0/15 ✖️ 0/6
16 Cross-site request forgery (CSRF) ✖️ 0/1 ✖️ 0/11 -
17 Cross-origin resource sharing (CORS) ✔️ 2/2 ✔️ 1/1 -
18 Clickjacking ✖️ 0/3 ✖️ 0/2 -
19 DOM-based vulnerabilities - ✖️ 0/5 ✖️ 0/2
20 WebSockets ✖️ 0/1 ✖️ 0/2 -
Advanced topics
21 Insecure deserialization ✖️ 0/1 ✖️ 0/6 ✖️ 0/3
22 Web LLM attacks ✖️ 0/1 ✖️ 0/2 ✖️ 0/1
23 GraphQL API vulnerabilities ✖️ 0/1 ✖️ 0/4 -
24 Server-side template injection - ✖️ 0/5 ✖️ 0/2
25 Web cache poisoning - ✖️ 0/9 ✖️ 0/4
26 HTTP Host header attacks ✖️ 0/2 ✖️ 0/4 ✖️ 0/1
27 HTTP request smuggling - ✖️ 0/15 ✖️ 0/7
28 OAuth authentication ✖️ 0/1 ✖️ 0/4 ✖️ 0/1
29 JWT attacks ✖️ 0/2 ✖️ 0/4 ✖️ 0/2
30 Prototype pollution - ✖️ 0/9 ✖️ 0/1
31 Essential skills - ✖️ 0/2 -

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published