Pentesting
Write-ups on PortSwigger Web Security Academy and Root-Me challenges — SQL injection, XSS, SSRF, and more. Each post covers the vulnerability theory and a step-by-step walkthrough.
Server-Side Template Injection in Flask (VulHub)
Exploiting SSTI in Flask/Jinja2: from {{7*7}} to RCE via Python MRO object chain.
Cross-Site WebSocket Hijacking in OpenClaw (VulHub)
Exploiting CSWSH vulnerability CVE-2026-25253 in OpenClaw Control UI: stealing auth.token via WebSocket server substitution, CVSS 8.8.
Server-Side Request Forgery (SSRF)
Complete breakdown of SSRF — where to look, types, protocols, filter bypass, cloud metadata, paths to RCE, defenses. Theory, methodology, cheat sheet.
Server-Side Template Injection (SSTI)
Complete SSTI breakdown — detection, engine identification, sandbox escape, per-engine exploitation, blind SSTI, defense. Theory, methodology, cheat sheet.
XML External Entity (XXE)
Complete XXE breakdown — XML entities, DTD, all attack vectors, blind/error-based, bad character bypasses, defense by language. Theory, methodology, cheat sheet.
SQL Injection — File Reading (Root-Me)
Root-Me walkthrough: UNION-based SQL injection, bypassing quote escaping with ASCII hex, and reading server files via LOAD_FILE.
PortSwigger Web Security Academy
PortSwigger lab marathon — catalog by topic and per-day stats.