This project explores common server-side vulnerabilities and their mitigations. It also contains solutions for challenges from PortSwigger Labs, providing a hands-on approach to web application security.
- Path traversal: an attacker manipulates file paths to access files outside the intended directory.
  Mitigation: canonicalize file paths with built-in library functions and reject any path that resolves outside the intended base directory.
- Access control: flawed permissions allow unauthorized access to restricted resources.
  Mitigation: implement strong role-based access control (RBAC) enforced on the server side.
- Authentication: weak authentication mechanisms expose sensitive areas of an application.
  Mitigation: use multi-factor authentication and secure session management.
- Server-side request forgery (SSRF): an attacker makes the server send requests to internal services.
  Mitigation: restrict outbound requests to an allow-list of permitted destinations and validate user-supplied URLs.
- File upload: improper file upload handling can lead to arbitrary file execution or denial of service.
  Mitigation: validate file types and contents, and scan uploads for malware.
- OS command injection: an attacker injects commands that the server executes.
  Mitigation: avoid passing user input to system commands; use library functions instead of shelling out.
- SQL injection: an attacker injects malicious SQL into an application's queries.
  Mitigation: use parameterized queries to prevent SQL injection.
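The path traversal mitigation listed above, worked through as an added example (not code from this repository or from PortSwigger): `safe_join` and the base directory `/srv/app/files` are assumed names; the function canonicalizes the requested path and checks that it stays inside the base directory, which also catches `..` sequences, absolute paths, and prefix collisions such as `/srv/app/files2`.

```python
import os


class PathTraversalError(ValueError):
    """Raised when a requested path would resolve outside the base directory."""


def safe_join(base_dir: str, user_path: str) -> str:
    """Return the absolute path of user_path inside base_dir, or raise.

    The check is done on canonical (realpath) forms, so '..' segments and
    symlinks are resolved before the containment test, not string-matched.
    """
    if "\x00" in user_path:
        # Embedded NUL bytes can truncate the path in lower-level APIs.
        raise PathTraversalError("NUL byte in requested path")

    base = os.path.realpath(base_dir)
    # os.path.join discards base when user_path is absolute, so strip leading
    # separators and treat every request as relative to the base directory.
    relative = user_path.lstrip("/\\")
    candidate = os.path.realpath(os.path.join(base, relative))

    # commonpath compares whole path components, so a sibling directory such
    # as /srv/app/files2 does not pass as being inside /srv/app/files.
    if os.path.commonpath([base, candidate]) != base:
        raise PathTraversalError(f"rejected {user_path!r}: resolves outside {base!r}")
    return candidate


def is_safe(base_dir: str, user_path: str) -> bool:
    """Boolean wrapper around safe_join for quick checks and tests."""
    try:
        safe_join(base_dir, user_path)
        return True
    except PathTraversalError:
        return False


if __name__ == "__main__":
    # Constructed sample requests against an assumed base directory.
    base = "/srv/app/files"
    for requested in ["reports/q1.pdf", "../../etc/passwd", "reports/../../secret",
                      "../files2/leak.txt", "/reports/q1.pdf"]:
        print(f"{requested!r:28} -> {'allowed' if is_safe(base, requested) else 'rejected'}")
```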
This repo includes solutions for various PortSwigger Labs challenges, offering practical examples of exploiting and mitigating the above vulnerabilities.