PortSwigger Labs

🔐 JWT

  1. JWT Authentication Bypass via Unverified Signature
  2. JWT Authentication Bypass via Flawed Signature Verification

🔐 API

  1. Exploiting server-side parameter pollution in a REST URL

🔐 SQLi

  1. SQL injection vulnerability in WHERE clause allowing retrieval of hidden data
  2. SQL injection vulnerability allowing login bypass
  3. SQL injection attack, querying the database type and version on Oracle