A canopy of apple-blossom

TL;DR: Many web applications can still easily be exploited to gain unauthorised access to sensitive data and web servers. Threats include SQL injection, code injection, XSS, and cookie poisoning.

Notes on techniques from, and writeups of, PortSwigger labs, challenges, and CTFs done in vulnerable web application lab environments.

Forever in progress ...


PortSwigger labs

XSS