Yash Thakkar
@Yassh_twts
Followers
543
Following
36K
Media
321
Statuses
3K
CPTS. Cyber Security enthusiast.
India
Joined November 2022
FINALLY PASSED THE CPTS! 12/14 flags. 10 days of exam. Almost a month of waiting, and its finally here. I mean, I dreamt of this for days and now I have no words. Will publish a review and a detailed tips and tricks blog this week. PS Tagging all my frens below...
28
13
274
I completed the Web Security Academy lab: Exploiting XXE via image file upload @WebSecAcademy
0
0
1
I completed the Web Security Academy lab: Exploiting XInclude to retrieve files @WebSecAcademy
0
0
1
I completed the Web Security Academy lab: Exploiting blind XXE to retrieve data via error messages @WebSecAcademy
0
0
3
I completed the Web Security Academy lab: Exploiting blind XXE to exfiltrate data using a malicious external DTD @WebSecAcademy
0
0
3
I completed the Web Security Academy lab: Blind XXE with out-of-band interaction @WebSecAcademy
0
0
4
I completed the Web Security Academy lab: Exploiting XXE to perform SSRF attacks @WebSecAcademy
0
0
1
I completed the Web Security Academy lab: Exploiting XXE using external entities to retrieve files @WebSecAcademy
0
0
8
Day 49: Was out the entire day so did nothing. Will finish all the remaining server side vulns next week.
Day 48: Solved the remaining SSRF labs on portswigger. Published the walkthrough -
1
0
3
Day 48: Solved the remaining SSRF labs on portswigger. Published the walkthrough -
yashfren.github.io
A comprehensive guide to Server-Side Request Forgery vulnerabilities with walkthroughs of all 7 Portswigger labs
Day 47: Finished reading about SSRF. Solved 2/7 labs for it. Will solve the rest tomorrow and publish the walkthrough.
0
0
8
I completed the Web Security Academy lab: Blind SSRF with Shellshock exploitation @WebSecAcademy
0
0
3
I completed the Web Security Academy lab: SSRF with filter bypass via open redirection vulnerability @WebSecAcademy
0
0
5
I completed the Web Security Academy lab: SSRF with blacklist-based input filter @WebSecAcademy
0
0
6
I completed the Web Security Academy lab: Blind SSRF with out-of-band detection @WebSecAcademy
0
0
5
Day 47: Finished reading about SSRF. Solved 2/7 labs for it. Will solve the rest tomorrow and publish the walkthrough.
Day 46: Finished Race Conditions - all 6 labs. Published the walkthrough -
0
0
2
I completed the Web Security Academy lab: Basic SSRF against another back-end system @WebSecAcademy
0
0
2
I completed the Web Security Academy lab: Basic SSRF against the local server @WebSecAcademy
0
0
5
Day 46: Finished Race Conditions - all 6 labs. Published the walkthrough -
yashfren.github.io
A comprehensive guide to race condition vulnerabilities with walkthroughs of all 6 Portswigger labs
Day 45: Did nothing as day wasted in college. Ended up binging 6 episodes of Sopranos. Gonna finish a topic + blog tomorrow on portswigger.
0
0
7
I completed the Web Security Academy lab: Partial construction race conditions @WebSecAcademy
0
0
4
I completed the Web Security Academy lab: Single-endpoint race conditions @WebSecAcademy
0
0
8
I completed the Web Security Academy lab: Multi-endpoint race conditions @WebSecAcademy
0
0
7