manjunadh sunkari
@manju_sunkarii
Followers
149
Following
321
Media
74
Statuses
131
I am fellow in Nxtwave,I am very passionate regarding coding
Joined November 2021
I completed the Web Security Academy lab:.Exploiting an API endpoint using documentation. @WebSecAcademy.
portswigger.net
To solve the lab, find the exposed API documentation and delete carlos. You can log in to your own account using the following credentials: wiener:peter. ...
0
0
1
I completed the Web Security Academy lab:.Excessive trust in client-side controls. @WebSecAcademy.
portswigger.net
This lab doesn't adequately validate user input. You can exploit a logic flaw in its purchasing workflow to buy items for an unintended price. To solve the ...
0
0
2
I completed the Web Security Academy lab:.Limit overrun race conditions. @WebSecAcademy.
portswigger.net
This lab's purchasing flow contains a race condition that enables you to purchase items for an unintended price. To solve the lab, successfully purchase a ...
0
0
0
I completed the Web Security Academy lab:.Accessing private GraphQL posts. @WebSecAcademy.
portswigger.net
The blog page for this lab contains a hidden blog post that has a secret password. To solve the lab, find the hidden blog post and enter the password. Learn ...
0
0
1
I completed the Web Security Academy lab:.SSRF via OpenID dynamic client registration. @WebSecAcademy.
portswigger.net
This lab allows client applications to dynamically register themselves with the OAuth service via a dedicated registration endpoint. Some client-specific ...
0
0
1
I completed the Web Security Academy lab:.Authentication bypass via OAuth implicit flow. @WebSecAcademy.
portswigger.net
This lab uses an OAuth service to allow users to log in with their social media account. Flawed validation by the client application makes it possible for ...
0
0
1
I completed the Web Security Academy lab:.Basic server-side template injection. @WebSecAcademy.
portswigger.net
This lab is vulnerable to server-side template injection due to the unsafe construction of an ERB template. To solve the lab, review the ERB documentation ...
0
0
2
I completed the Web Security Academy lab:.Password reset broken logic. @WebSecAcademy.
portswigger.net
This lab's password reset functionality is vulnerable. To solve the lab, reset Carlos's password then log in and access his "My account" page. ...
0
0
0
I completed the Web Security Academy lab:.2FA simple bypass. @WebSecAcademy.
portswigger.net
This lab's two-factor authentication can be bypassed. You have already obtained a valid username and password, but do not have access to the user's 2FA ...
0
0
1
I completed the Web Security Academy lab:.Username enumeration via different responses. @WebSecAcademy.
portswigger.net
This lab is vulnerable to username enumeration and password brute-force attacks. It has an account with a predictable username and password, which can be ...
0
0
0
I completed the Web Security Academy lab:.Blind XXE with out-of-band interaction. @WebSecAcademy.
portswigger.net
This lab has a "Check stock" feature that parses XML input but does not display the result. You can detect the blind XXE vulnerability by triggering ...
0
0
0
I completed the Web Security Academy lab:.Exploiting XXE to perform SSRF attacks. @WebSecAcademy.
portswigger.net
This lab has a "Check stock" feature that parses XML input and returns any unexpected values in the response. The lab server is running a (simulated) EC2 ...
0
0
1
I completed the Web Security Academy lab:.Exploiting XXE using external entities to retrieve files. @WebSecAcademy.
portswigger.net
This lab has a "Check stock" feature that parses XML input and returns any unexpected values in the response. To solve the lab, inject an XML external ...
0
0
0
I completed the Web Security Academy lab:.DOM XSS using web messages and a JavaScript URL. @WebSecAcademy.
portswigger.net
This lab demonstrates a DOM-based redirection vulnerability that is triggered by web messaging. To solve this lab, construct an HTML page on the exploit ...
0
0
2
I completed the Web Security Academy lab:.SQL injection attack, listing the database contents on non-Oracle databases. @WebSecAcademy. #CyberSecurity #nttdata #portswigger.
portswigger.net
This lab contains a SQL injection vulnerability in the product category filter. The results from the query are returned in the application's response so you ...
0
0
2
RT @RcbianOfficial: #OnThisDay in 2018, Virat Kohli received Major Dhyan Chand Khel Ratna Award.
0
33
0
Hacking will always be interesting. when you find a right person it will be more interesting #Day1 #Day2 in the domain of cyber security. thanks to. #careerx @vishwanathc90
0
0
4
I've completed the Build Your Own Dynamic Web Application course in CCBP 4.0 Academy Program. I've learnt core concepts and Built in-demand skills. Check out my certificate:
certificates.ccbp.in
Learn like top IITians and achieve high-paid software jobs, with India's First-Ever Industry Ready Certification [IRC]
0
0
3
Restart to learning. after 3-1 semester today I learned about arrays in javascript and did coding practice 1 and coding practice 3 thanks to @nxtwave_tech @sashankreddy07 @rahulattuluri #Day1 #100daysofcoding #nxtwave #ccbp #javascript
0
0
2