Overview
Last updated
My motivation for writing this blog is to provide a learning resource oriented to the way I learn best, which is to read a brief description to understand the vulnerability, view real-world examples of the vulnerability being exploited, review the source code of applications to understand why the vulnerability exists, and then read further resources. Thus, this blog is organized in that structure. Each vulnerability contains a brief explanation with a source code example in JavaScript (Node.js) as well as an example of it being exploited. The next page contains real-world write-ups of the vulnerability being exploited, with a brief explanation of each. Source code examples, taken from vulnerable labs such as OWASP's Juice Shop, are illustrated on the following page. The full list of labs can be found in Labs. Any further resources, tools and payloads can then be found in the two pages after that.
Note that the general Labs page linked above contains general labs that cover numerous vulnerabilities; the Labs page under each vulnerability section contains labs specifically for that vulnerability.
Follow me on Twitter @EvanThomasLuke.