📕
Blog
  • 🐞Vulnerabilities & Techniques
    • Web Vulnerabilities
      • Open Redirect
      • HTTP Parameter Pollution (HPP)
      • Host Header Injection (HHI)
      • XSS
      • HTML-Injection
      • clickjacking
      • S3
      • EXternal Xml Entity (XXE)
      • XSS prevention | CSP
      • DOM-XSS
      • SQL Injection | SQLI
      • Response Manipulation Technique & How Burp Suite Works
    • API Vulnerabilities
      • Mass Assignment Vulnerability
  • 🚩CTF
    • ASCWG
  • ✍️Writeups
    • Read Writeups
      • REST API WriteUps
      • Web Vulnerabilities WriteUps
    • Technical Writeups
      • Reset Password Poisoning Via Host Header Injection Lead to (ATO)
      • OTP/2FA Bypasses
        • OTP bypasses
  • 😈TryHackMe
    • THM Advent of Cyber 3 (2021) NoSQL WriteUp
  • 🔱Web-CyberTalents
    • CyberTalents-Web-Easy
    • CyberTalents-Web-Medium
    • CyberTalents-Web-Hard
  • 🖇️Pentesting & Bug Hunting Tips
    • ATO Via Host Header Injection
    • OTP Bypass
    • OutLook Plugin Pentest Guide
  • 💻Port-Swigger Labs
    • XML external entity (XXE) injection
    • DOM-XSS
      • DOM XSS in the document.write sink using source location.search
      • Lab: DOM XSS in document.write sink using source location.search inside a select element
      • Lab: DOM XSS in innerHTML sink using source location.search
      • Lab: DOM XSS in jQuery anchor href attribute sink using location.search source
      • Lab: Reflected DOM XSS
      • Lab: Stored DOM XSS
    • SQL injection
      • Lab: SQL injection vulnerability in WHERE clause allowing retrieval of hidden data
      • Lab: SQL injection vulnerability allowing login bypass
      • Lab: SQL injection UNION attack, determining the number of columns returned by the query
      • Lab: SQL injection UNION attack, finding a column containing text
      • Lab: SQL injection UNION attack, retrieving data from other tables
      • Lab: SQL injection UNION attack, retrieving multiple values in a single column
      • Lab: SQL injection attack, querying the database type and version on Oracle
      • Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft
      • Lab: SQL injection attack, listing the database contents on non-Oracle databases
  • 🛜Wireless Networks Penetration Testing
  • ⚔️Wi-Fi Attacks
    • 🕸️Network Scanning attack
    • 🌊DOS / Flooding
      • 1️⃣DoS - Frame Flooding (Deauth, EAPOL, Beacons)
      • 2️⃣DoS- Exploiting Countermeasures (MIC failure)
    • Jamming Attacks (هجمات التشويش)
    • Probe Requests Attack
    • Handshake Attacks
      • Dictionary Attack
      • Clientless Attack
      • KRACK Attack
      • Downgrad Attack
    • Rouge AP Attack
  • Lab Notes
  • RFID and NFC
  • Bluetooth
  • ZigBee
  • Google Map Test
Powered by GitBook
On this page
  1. Web-CyberTalents

CyberTalents-Web-Medium

CyberTalents Practice

  • Difficulty: Medium

  • Points: 100 point

  • Category: Web Security

01- share the ideas:

Solution:

02- Dark Project:

Solution: HERE

03- Join Team:

Solution:

04- The Restricted Sessions:

Solution:

05- Searching for the cookie:

Solution:

06- who is admin:

Solution:

07- Catch me if you can:

Solution: HERE

08- black inc:

Solution:

09- Owls Blog:

Solution: HERE

10- Big Number:

Solution: HERE

11- bypass_the_world:

Solution: HERE

12- admin_get_first:

Solution: HERE

13- Secret Browser :

Solution: HERE

14- 14- inbox:

Solution:

15- secret_blog:

Solution: HERE

15- Hashable:

Solution:

16- Global:

Solution: HERE

Todo:

  • The dark lord

  • F2Up

PreviousCyberTalents-Web-EasyNextCyberTalents-Web-Hard

Last updated 1 year ago

🔱
  • CyberTalents Practice
  • 01- share the ideas:
  • Solution:
  • 02- Dark Project:
  • Solution: HERE
  • 03- Join Team:
  • Solution:
  • 04- The Restricted Sessions:
  • Solution:
  • 05- Searching for the cookie:
  • Solution:
  • 06- who is admin:
  • Solution:
  • 07- Catch me if you can:
  • Solution: HERE
  • 08- black inc:
  • Solution:
  • 09- Owls Blog:
  • Solution: HERE
  • 10- Big Number:
  • Solution: HERE
  • 11- bypass_the_world:
  • Solution: HERE
  • 12- admin_get_first:
  • Solution: HERE
  • 13- Secret Browser :
  • Solution: HERE
  • 14- 14- inbox:
  • Solution:
  • 15- secret_blog:
  • Solution: HERE
  • 15- Hashable:
  • Solution:
  • 16- Global:
  • Solution: HERE
  • Todo: