Digital garden
Search
Search
Dark mode
Light mode
Reader mode
Explorer
Home
❯
wargame
❯
writeup
writeup
Graph View
Backlinks
Capture the ether-Fuzzy identity
Capture the ether-Guess secret number
Capture the ether-Guess the new number
Capture the ether-Guess the number
Capture the ether-Guess the random number
Capture the ether-Predict the block hash
Capture the ether-Predict the future
Capture the ether-Donation
Capture the ether-Mapping
Capture the ether-Retirement fund
Capture the ether-Token sale
Capture the ether-Token whale
Capture the ether-Assume ownership
CodeEngn Reversing Advance_Level01
CodeEngn Reversing Advance_Level02
CodeEngn Reversing Advance_Level03
CodeEngn Reversing Advance_Level04
CodeEngn Reversing Advance_Level05
CodeEngn Reversing Advance_Level06
CodeEngn Reversing Basic_Level01
CodeEngn Reversing Basic_Level02
CodeEngn Reversing Basic_Level03
CodeEngn Reversing Basic_Level04
CodeEngn Reversing Basic_Level05
CodeEngn Reversing Basic_Level06
CodeEngn Reversing Basic_Level07
CodeEngn Reversing Basic_Level08
CodeEngn Reversing Basic_Level09
CodeEngn Reversing Basic_Level10
CodeEngn Reversing Basic_Level11
CodeEngn Reversing Basic_Level12
CodeEngn Reversing Basic_Level13
CodeEngn Reversing Basic_Level14
CodeEngn Reversing Basic_Level15
CodeEngn Reversing Basic_Level16
CodeEngn Reversing Basic_Level17
CodeEngn Reversing Basic_Level18
CodeEngn Reversing Basic_Level19
CodeEngn Reversing Basic_Level20
Damn Vulnerable DeFi-ABI Smuggling
Damn Vulnerable DeFi-Backdoor
Damn Vulnerable DeFi-Climber
Damn Vulnerable DeFi-Compromised
Damn Vulnerable DeFi-Free Rider
Damn Vulnerable DeFi-Naive receiver
Damn Vulnerable DeFi-Puppet
Damn Vulnerable DeFi-PuppetV2
Damn Vulnerable DeFi-PuppetV3
Damn Vulnerable DeFi-Selfie
Damn Vulnerable DeFi-Side Entrance
Damn Vulnerable DeFi-The rewarder
Damn Vulnerable DeFi-Truster
Damn Vulnerable DeFi-Unstoppable
Damn Vulnerable DeFi-Wallet Mining
Lord of BOF_0_Gate
Lord of BOF_10_Skeleton
Lord of BOF_11_Golem
Lord of BOF_12_Darkknight
Lord of BOF_13_Bugbear
Lord of BOF_14_Giant
Lord of BOF_15_Assassin
Lord of BOF_16_ZombieAssassin
Lord of BOF_17_Succubus
Lord of BOF_18_Nightmare
Lord of BOF_19_Xavius
Lord of BOF_1_Gremlin
Lord of BOF_2_Cobolt
Lord of BOF_3_Goblin
Lord of BOF_4_Orc
Lord of BOF_5_Wolfman
Lord of BOF_6_Darkelf
Lord of BOF_7_Orge
Lord of BOF_8_Troll
Lord of BOF_9_Vampire
Portswigger-Insecure direct object references
Portswigger-Method-based access control can be circumvented
Portswigger-Multi-step process with no access control on one step
Portswigger-Referer-based access control
Portswigger-URL-based access control can be circumvented
Portswigger-Unprotected admin functionality with unpredictable URL
Portswigger-Unprotected admin functionality
Portswigger-User ID controlled by request parameter with data leakage in redirect
Portswigger-User ID controlled by request parameter with password disclosure
Portswigger-User ID controlled by request parameter, with unpredictable user IDs
Portswigger-User ID controlled by request parameter
Portswigger-User role can be modified in user profile
Portswigger-User role controlled by request parameter
Portswigger-2FA simple bypass
Portswigger-Authentication bypass via encryption oracle
Portswigger-High-level logic vulnerability
Portswigger-Inconsistent security controls
Portswigger-Infinite money logic flaw
Portswigger-Insufficient workflow validation
Portswigger-Low-level logic flaw
Portswigger-Password reset broken logic
Portswigger-Weak isolation on dual-use endpoint
Portswigger-excessive trust in client-side controls
Portswigger-Authentication bypass via information disclosure
Portswigger-Information disclosure in error messages
Portswigger-Information disclosure in version control history
Portswigger-Information disclosure on debug page
Portswigger-Source code disclosure via backup files
Portswigger-Arbitrary object injection in PHP
Portswigger-Basic server-side template injection (code context)
Portswigger-Basic server-side template injection
Portswigger-Server-side template injection in an unknown language with a documented exploit
Portswigger-Server-side template injection using documentation
Portswigger-Server-side template injection with information disclosure via user-supplied objects
Portswigger-Targeted web cache poisoning using an unknown header
Portswigger-Web cache poisoning to exploit a DOM vulnerability via a cache with strict cacheability criteria
Portswigger-Web cache poisoning with an unkeyed cookie
Portswigger-Web cache poisoning with an unkeyed header
Portswigger-Web cache poisoning with multiple headers
Portswigger-DOM XSS in document-write sink using source location-search
Portswigger-DOM XSS in innerHTML sink using source location-search
Portswigger-DOM XSS in jQuery anchor href attribute sink using location-search source
Portswigger-Reflected XSS in canonical link tag
Portswigger-Reflected XSS into HTML context with all tags blocked except custom ones
Portswigger-Reflected XSS into HTML context with most tags and attributes blocked
Portswigger-Reflected XSS into HTML context with nothing encoded
Portswigger-Reflected XSS into a JavaScript string with angle brackets HTML encoded
Portswigger-Reflected XSS into a JavaScript string with angle brackets and double quotes HTML-encoded and single quotes escaped
Portswigger-Reflected XSS into a JavaScript string with single quote and backslash escaped
Portswigger-Reflected XSS into attribute with angle brackets HTML-encoded
Portswigger-Reflected XSS with event handlers and href attributes blocked
Portswigger-Reflected XSS with some SVG markup allowed
Portswigger-Stored XSS into HTML context with nothing encoded
Portswigger-Stored XSS into anchor href attribute with double quotes HTML-encoded
Pwnablekr_Rookiss_simple-login
Pwnablekr_Toddlers Bottle_asm
Pwnablekr_Toddlers Bottle_blackjack
Pwnablekr_Toddlers Bottle_blukat
Pwnablekr_Toddlers Bottle_bof
Pwnablekr_Toddlers Bottle_cmd1
Pwnablekr_Toddlers Bottle_cmd2
Pwnablekr_Toddlers Bottle_coin1
Pwnablekr_Toddlers Bottle_collision
Pwnablekr_Toddlers Bottle_fd
Pwnablekr_Toddlers Bottle_flag
Pwnablekr_Toddlers Bottle_horcruxes
Pwnablekr_Toddlers Bottle_input
Pwnablekr_Toddlers Bottle_leg
Pwnablekr_Toddlers Bottle_lotto
Pwnablekr_Toddlers Bottle_memcpy
Pwnablekr_Toddlers Bottle_mistake
Pwnablekr_Toddlers Bottle_passcode
Pwnablekr_Toddlers Bottle_random
Pwnablekr_Toddlers Bottle_shellshock
Pwnablekr_Toddlers Bottle_uaf
Pwnablekr_Toddlers Bottle_unlink
XSS Challenge_Level1
XSS Challenge_Level10
XSS Challenge_Level11
XSS Challenge_Level12
XSS Challenge_Level13
XSS Challenge_Level14
XSS Challenge_Level2
XSS Challenge_Level3
XSS Challenge_Level4
XSS Challenge_Level5
XSS Challenge_Level6
XSS Challenge_Level7
XSS Challenge_Level8
XSS Challenge_Level9
XSS Game_Level1
XSS Game_Level2
XSS Game_Level3
XSS Game_Level4
XSS Game_Level5
XSS Game_Level6