13.4.2

October 2, 2025

Review the source code for /users/invite. Determine why it cannot be exploited.

13.3.2

October 2, 2025

Expand the route_buster.py script to include PUT and PATCH methods.

13. Server Side Request Forgery

October 2, 2025

![image](https://user-images.githubusercontent.com/45024645/168611073-846d7dfd-9a5b-40f0-8543-cd81ad0681b3.png)

12.3 (P)

October 2, 2025

Since the Authorization header is allowed in the CORS requests, we would be able to send authenticated requests through a user's browser if we don't have network access to the application. Return t...

12.2.5

October 2, 2025

Using the shell, add a new user to Concord and authenticate as the new user.

12. Concord Authentication Bypass to RCE

October 2, 2025

=============================================================

« Prev 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 Next »