PortSwigger1y
Latest cloud security news
Cloud security is the process by which cloud-based systems, data, applications, and infrastructure is secured. It encompasses both the policies and the technology employed by security experts to ...
PortSwigger2y
Latest encryption security news
This page requires JavaScript for an enhanced user experience.
PortSwigger5y
Lab: Exploiting HTTP request smuggling to bypass front-end security controls, TE.CL vulnerability
This lab involves a front-end and back-end server, and the back-end server doesn't support chunked encoding. There's an admin panel at /admin, but the front-end server blocks access to it. To solve ...
PortSwigger7y
Local file path manipulation (DOM-based)
DOM-based vulnerabilities arise when a client-side script reads data from a controllable part of the DOM (for example, the URL) and processes this data in an unsafe way. Local file path manipulation ...
PortSwigger2y
Latest data privacy news and breaches
If scandals such as the 2018 Facebook breach have taught us anything, it’s that we don’t have full control of our personal data. As we increasingly live our lives online, we leave a digital footprint ...
PortSwigger1y
Server-side prototype pollution
JavaScript was originally a client-side language designed to run in browsers. However, due to the emergence of server-side runtimes, such as the hugely popular Node.js, JavaScript is now widely used ...
PortSwigger1y
Latest secure software development news
This page requires JavaScript for an enhanced user experience.
PortSwigger2y
Latest computer-enabled fraud news
Cyber fraud is an all-too-common occurrence these days. Some of the latest fraud cases include complex campaigns, such as IT support scams, as well as classic social engineering attacks and phishing ...