| 1. | How To Install & Configure Graylog On Ubuntu 20 04 LTS | 1,704 | |
|
| 2. | Remote code execution via web shell upload | 1,175 | |
|
| 3. | OS command injection, simple case(PortSwigger Academy) | 1,066 | |
|
| 4. | OS command injection - Blind OS command injection with time delays | 489 | |
|
| 5. | Web shell upload via extension blacklist bypass | 410 | |
|
| 6. | Web shell upload via path traversal | 385 | |
|
| 7. | OS command injection - Blind OS command injection with output redirection | 347 | |
|
| 8. | Web shell upload via Content-Type restriction bypass | 315 | |
|
| 9. | OS command injection - Blind OS command injection with out-of-band interaction | 282 | |
|
| 10. | OS command injection - Blind OS command injection with out-of-band data exfiltration | 227 | |
|
| 11. | Remote code execution via polyglot web shell upload | 201 | |
|
| 12. | Web shell upload via obfuscated file extension | 181 | |
|
| 13. | Infinite money logic flaw -- Port swigger Academy | 178 | |
|
| 14. | WWE SMAKE Down Pain in Tamil for PC Games | 163 | | WWE SmackDown! Shut Your Mouth
|
| 15. | Authentication bypass via OAuth implicit flow -- Port Swigger | 123 | |
|
| 16. | How to install Kali linux Vdi file in Virtual box | 116 | |
|
| 17. | Brooklyn-Nine-Nine in TryHackMe | 109 | |
|
| 18. | How to Create Computer virus(ShutDown Virus) | 91 | |
|
| 19. | A New Beginning(No Copyright Music) | 88 | | A New Beginning
|
| 20. | How to Crash PC with ONE Click using notepad | 80 | |
|
| 21. | How to Remove Virus Using CMD | 75 | |
|
| 22. | Business logic vulnerabilities -- Excessive trust in client-side controls | 75 | |
|
| 23. | Dragon ball Z - Game PC in tamil | 64 | | Super Dragon Ball Z
|
| 24. | Username enumeration via account lock -- Port Swigger Academy | 62 | |
|
| 25. | TryHackMe - Vulnversity Walkthrough | 62 | |
|
| 26. | Anonymous - Tryhackme | Walkthrough | 59 | |
|
| 27. | Blind SSRF with Shellshock exploitation -- Port Swigger | 57 | |
|
| 28. | SMB Relay attack in Windows AD Server | 55 | |
|
| 29. | How to Install Kali Linux in Virtual Box | 51 | |
|
| 30. | Mr Robot --Tryhackme | 50 | |
|
| 31. | SQL injection vulnerability allowing login bypass - Port Swigger Academy | 50 | |
|
| 32. | Broken brute force protection, multiple credentials per request -- Port Swigger Academy | 49 | |
|
| 33. | TryHackMe Pickle Rick | Simple Webserver Exploitation | CTF Walkthrough | 47 | |
|
| 34. | Password brute force via password change | 45 | |
|
| 35. | Basic SSRF against another back end system -- Port Swigger Academy | 44 | |
|
| 36. | Username enumeration via different responses -- Port Swigger Academy | 42 | |
|
| 37. | Blind OS command injection with time delays -- Port Swigger Academy | 38 | |
|
| 38. | WWE 2k16 Match PC Gameplay | 37 | | WWE 2K16
|
| 39. | How to install windows os in virtual box | 37 | |
|
| 40. | Information disclosure on debug page -- Port Swigger Academy | 35 | |
|
| 41. | Business logic vulnerabilities -- High-level logic vulnerability | 34 | |
|
| 42. | Bounty Hacker | Walkthrough |TryHackMe | 34 | |
|
| 43. | Business logic vulnerabilities -- 2FA Authentication | 33 | |
|
| 44. | Username enumeration via response timing -- Portswigger Academy | 31 | |
|
| 45. | Dragon Ball Z - | Gokul Fight in Tamil - Part 2 | 29 | | Dragon Ball Z
|
| 46. | Broken brute force protection, IP block -- Port Swigger Academy | 27 | |
|
| 47. | LLMNR Poisoning Attack - AD Attacks | 27 | |
|
| 48. | Metamorphosis | TryHackMe | 26 | |
|
| 49. | SSRF with filter bypass via open redirection vulnerability -- Port Swigger Academy | 26 | |
|
| 50. | PUBG Solo Match Winner Winner Chicken Dinner with 15kills | 26 | |
|
| 51. | Bad Byte -- Tryhack me | 25 | |
|
| 52. | WWE 2k16 PC Game Play | STONE Gold Vs TYLER Breeze | 24 | | WWE 2K16
|
| 53. | Referer based access control -- Port Swigger Academy | 24 | |
|
| 54. | IPV6 Attack -- PNPT Path | 23 | |
|
| 55. | How to Format Pendrive Using CMD | 23 | |
|
| 56. | SQL injection vulnerability in WHERE clause allowing | 23 | |
|
| 57. | Multi step process with no access control on one step -- Port Swigger Academy | 23 | |
|
| 58. | Insufficient workflow validation -- Port Swigger | 19 | |
|
| 59. | HackTheBox Tutorial - Explosion || Starting Point walkthrough | 19 | |
|
| 60. | User ID controlled by request parameter, with unpredictable user IDs -- Port Swigger Academy | 19 | |
|
| 61. | Blind OS command injection with output redirection -- Port Swigger Academy | 18 | |
|
| 62. | Insecure direct object references - Port Swigger Academy | 17 | |
|
| 63. | Password reset poisoning via middleware -- Port Swigger Academy | 17 | |
|
| 64. | Unprotected admin functionality with unpredictable URL -- Port Swigger Academy | 17 | |
|
| 65. | Username enumeration via subtly different responses -- Port Swigger Academy | 17 | |
|
| 66. | Exploiting XXE to perform SSRF attacks -- XXE Injection | 16 | |
|
| 67. | SQL injection UNION attack, determining the number of columns returned by the query | 16 | |
|
| 68. | Neighbour -- Tryhackme | 16 | |
|
| 69. | Broken brute force protection, IP block -- Port Swigger Academy | 14 | |
|
| 70. | File path traversal, simple case -- Port Swigger | 14 | |
|
| 71. | SSRF with blacklist based input filter -- Port Swigger Academy | 14 | |
|
| 72. | Method based access control can be circumvented -- Port Swigger Academy | 13 | |
|
| 73. | File path traversal, traversal sequences stripped with superfluous URL decode --port swigger academy | 13 | |
|
| 74. | SSRF with whitelist based input filter -- Port Swigger Academy | 13 | |
|
| 75. | User role can be modified in user profile -- Port Swigger Academy | 13 | |
|
| 76. | Blind SSRF with out of band detection -- Port Swigger Academy | 13 | |
|
| 77. | User ID controlled by request parameter with data leakage in redirect -- Port Swigger Academy | 11 | |
|
| 78. | 2FA simple bypass - Port Swigger Academy | 11 | |
|
| 79. | File path traversal, validation of start of path -- Port Swigger Academy | 11 | |
|
| 80. | Basic SSRF against the local server -- Port Swigger Academy | 11 | |
|
| 81. | User ID controlled by request parameter with password disclosure --Port Swigger Academy | 10 | |
|
| 82. | HackTheBox Tutorial - preignition || Starting Point walkthrough | 10 | |
|
| 83. | Unprotected admin functionality -- Port Swigger Academy | 10 | |
|
| 84. | File path traversal, traversal sequences blocked with absolute path bypass -- Port Swigger | 10 | |
|
| 85. | File path traversal, validation of file extension with null byte bypass --Port Swigger Academy | 10 | |
|
| 86. | File path traversal, validation of file extension with null byte bypass -- Port Swigger Academy | 10 | |
|
| 87. | User role controlled by request parameter -- Port Swigger Academy | 9 | |
|
| 88. | User ID controlled by request parameter, with unpredictable user IDs -- Port Swigger Academy | 9 | |
|
| 89. | Hackthebox - Synced | Starting Point | 9 | |
|
| 90. | Authentication bypass via information disclosure -- Port Swigger Academy | 9 | |
|
| 91. | Authentication bypass via flawed state machine --Port Swigger Academy | 9 | |
|
| 92. | Exploiting XXE to perform SSRF attacks -- Port Swigger Academy | 8 | |
|
| 93. | Information disclosure in error messages -- Port Swigger Academy | 8 | |
|
| 94. | Password reset broken logic | 7 | |
|
| 95. | Offline password cracking -- Port Swigger Academy | 7 | |
|
| 96. | File path traversal, traversal sequences stripped non recursively -- Port Swigger Academy | 6 | |
|
| 97. | Source code disclosure via backup files -- Port Swigger | 6 | |
|
| 98. | Flawed enforcement of business rules -- Port Swigger Academy | 5 | |
|
