What is Serialization? Serialization is the process of converting an object in memory into a format that can be stored or transmitted. This format is often a sequence of bytes.…
HTTP Desync Attacks, also known as HTTP request smuggling, exploit inconsistencies in the interpretation of HTTP headers by different servers in a chain, such as between a front-end server (e.g.,…
Introduction Capture the Flag (CTF) challenges are a popular way for cybersecurity enthusiasts to test their skills and learn new techniques. While they can be daunting for beginners, a systematic…
Decoder The Decoder tab can be used to encode, decode, and hash any selected text. Here is a simple set of login credentials as an example. I can select the first…
Intruder is incredibly useful for automating attacks. For a useful walk-through of how it works, I will use one of the PortSwigger web academy labs as a demonstration. In…
By right-clicking on a request and selecting Send to Repeater or doing so with the Action button in the proxy interception section, you can send requests to the repeater…
The Proxy tab allows you to modify and send intercepted requests and view your request history. When you first view this tab you won’t have any intercepted requests and…