Learning SSRF with Portswigger Labs

Basic SSRF against the local Server https://portswigger.net/web-security/ssrf/lab-basic-ssrf-against-localhost When accessing a product page an check stock link checks the stock through an API on some URL. We just need to change the url to localhost/admin where we can see user delete links and here we go with the request to delete that carlos: POST /product/stock HTTP/1.1 … Read moreLearning SSRF with Portswigger Labs

The Big and Dandy „How to get into Infosec“ Resources Post 2020

On a daily basis and on all hacking oriented communities, people ask how to start or to get into Infosec. I decided to maintain a post where I collect my ressources regarding (beginner) learning ressources. I am learning towards an infosec position for a while now and I am now a trainee at a german … Read moreThe Big and Dandy „How to get into Infosec“ Resources Post 2020