Art Of Code - Art Of Code

writeups, overthewire, bandit, ctf

Bandit Level 0

Bandit0 is the first level of the OverTheWire Bandit wargame. In this level, we will learn how to use SSH to connect to the remote server and gain access to the password for the next level.

portswigger, writeups, cors, web

Portswigger’s lab write up: CORS vulnerability with trusted null origin

In this apprentice-level lab, we will exploit a website with a CORS vulnerability that trusts the “null” origin to obtain a user’s private credentials.

writeups, portswigger, web, cors

Portswigger’s lab write up: CORS vulnerability with basic origin reflection

In this apprentice-level lab, we will exploit a website with a basic CORS vulnerability to obtain a user’s private credentials.

writeups, portswigger, web, clickjacking

Portswigger’s lab write up: Clickjacking with a frame buster script

In this apprentice level lab, we will exploit the change email flow from a website vulnerable to clickjacking via URL parameters, even though there is a frame buster script enabled.

blog, datascience

Who will win the 2022 Brazilian Presidential Election?, according to statistics.

Many news outlets have run opinion polls on presidential candidates for the Brazilian 2022 election; what does this data tell us about a possible winner?.

2022 Brazilian Election Forecast

Luiz Inácio Lula da Silva has a 96% chance of winning the 2022 presidential election(Second Round).

writeups, portswigger, web, clickjacking

Portswigger’s lab write up: Clickjacking with form input data prefilled from a URL parameter

In this apprentice level lab, we will exploit the change email flow from a website vulnerable to clickjacking due to form filling via url parameters.

writeups, portswigger, web, clickjacking

Portswigger’s lab write up: Basic clickjacking with CSRF token protection

In this apprentice level lab, we will exploit the delete account flow from a website vulnerable to clickjacking even though there is some CSRF token protection present.

writeups, portswigger, web, csrf

Portswigger’s lab write up: CSRF vulnerability with no defenses

In this apprentice-level lab, we will exploit a site that contains a CSRF vulnerability in its email change functionality.

blog, web, software

How does URL decoding and encoding work?

Every time you visit a website, your browser is encoding and decoding URLs under the hood. This is done in order to avoid transmitting invalid or unsafe data; let’s see how URL decoding works on a basic level and why it is important.

blog, datascience

Why is it important to standardize datasets?

Data standardizing is a common practice in data science and machine learning. What does it actually mean and why is it beneficial?

blog, history, web

Web 1.0 vs 2.0 vs 3.0.

When talking about Web standards, usually the different Web generations are brought up, what do they actually mean?, most of us are used to browsing on the web and using websites, but we do not understand these terms; let’s see some basic definitions.