├── 01_SQLi ├── 01_sqli_retrieval_of_hidden_data.py ├── 02_sqli_login_bypass.py ├── 03_sqli_UNION_number_of_columns.py ├── 04_sqli_UNION_text.py ├── 05_sqli_UNION_retrieve_data_from_other_tables.py ├── 06_sqli_UNION_retrieve_in_single_column.py ├── 07_sqli_UNION_oracle_retrieval.py ├── 08_sqli_UNION_retrieval_MS_MySQL.py ├── 09_sqli_UNION_db_contents_non-Oracle.py ├── 10_sqli_UNION_db_contents_Oracle.py ├── 11_sqli_blindsqli_conditional_response.py ├── 12_sqli_blindsqli_conditionalerrors.py ├── 13_sqli_blindsqli_time_delays.py ├── 14_sqli_blindsqli_time_delay_data_exfil.py ├── 15_sqli_blindsqli_OOB_interaction.py └── 16_sqli_blindsqli_OOB_exfil.py ├── 02_Authentication ├── 01_auth_user_enum_responses.py ├── 02_auth_user_enum_subtle.py ├── 03_auth_user_enum_response_timing.py ├── 04_auth_broken_bruteforce_ip_block.py ├── 05_auth_user_enum_account_lock.py ├── 06_auth_broken_bruteforce_multiple_creds_per_req.py ├── 07_auth_2FA_simple_bypass.py ├── 08_auth_2FA_broken_logic.py ├── 09_auth_2FA_brute_force.py ├── 10_auth_bruteforce_stayloggedin_cookie.py ├── 11_auth_offline_pw_cracking.py ├── 12_auth_pw_reset-broken_logic.py ├── 13_auth_pw_reset_poisoning_middleware.py ├── 14_auth_brute_force_pw_change.py ├── add_passwords.py ├── add_users.py ├── burp_pass.csv ├── burp_pass_quotes.py ├── burp_passlist.txt ├── burp_userlist.txt ├── burp_users.csv ├── logged_in_cookie.py └── split_users.py ├── 03_Directory_Traversal ├── 01_dir_trav_simple.py ├── 02_dir_trav_seq_blocked.py ├── 03_dir_trav_trav_seq_str_non_rec.py ├── 04_dir_trav_trav_seq_str_url.py ├── 05_dir_trav_val_path_start.py └── 06_dir_trav_filetype_val.py ├── 04_Command_Injection ├── 01_cmd_inj_simple.py ├── 02_cmd_inj_blind_time_delay.py ├── 02_cmd_inj_blind_time_delay_loop.py ├── 03_cmd_inj_blind_output_redirection.py ├── 04_cmd_inj_blind_OOB_interaction.py └── 05_cmd_inj_blind_OOB_data_exfil.py ├── 05_Business_Logic_Vulns ├── 03_logic_low-level_flaw.py └── random_string_generator.py ├── 08_File_Uploads ├── 01_file_rce_webshell.php ├── 06_file_polyglot.php ├── php_more_versatile.php └── php_one_liner.php ├── README.md └── SQLi └── README.md /01_SQLi/01_sqli_retrieval_of_hidden_data.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/01_SQLi/01_sqli_retrieval_of_hidden_data.py -------------------------------------------------------------------------------- /01_SQLi/02_sqli_login_bypass.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/01_SQLi/02_sqli_login_bypass.py -------------------------------------------------------------------------------- /01_SQLi/03_sqli_UNION_number_of_columns.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/01_SQLi/03_sqli_UNION_number_of_columns.py -------------------------------------------------------------------------------- /01_SQLi/04_sqli_UNION_text.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/01_SQLi/04_sqli_UNION_text.py -------------------------------------------------------------------------------- /01_SQLi/05_sqli_UNION_retrieve_data_from_other_tables.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/01_SQLi/05_sqli_UNION_retrieve_data_from_other_tables.py -------------------------------------------------------------------------------- /01_SQLi/06_sqli_UNION_retrieve_in_single_column.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/01_SQLi/06_sqli_UNION_retrieve_in_single_column.py -------------------------------------------------------------------------------- /01_SQLi/07_sqli_UNION_oracle_retrieval.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/01_SQLi/07_sqli_UNION_oracle_retrieval.py -------------------------------------------------------------------------------- /01_SQLi/08_sqli_UNION_retrieval_MS_MySQL.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/01_SQLi/08_sqli_UNION_retrieval_MS_MySQL.py -------------------------------------------------------------------------------- /01_SQLi/09_sqli_UNION_db_contents_non-Oracle.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/01_SQLi/09_sqli_UNION_db_contents_non-Oracle.py -------------------------------------------------------------------------------- /01_SQLi/10_sqli_UNION_db_contents_Oracle.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/01_SQLi/10_sqli_UNION_db_contents_Oracle.py -------------------------------------------------------------------------------- /01_SQLi/11_sqli_blindsqli_conditional_response.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/01_SQLi/11_sqli_blindsqli_conditional_response.py -------------------------------------------------------------------------------- /01_SQLi/12_sqli_blindsqli_conditionalerrors.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/01_SQLi/12_sqli_blindsqli_conditionalerrors.py -------------------------------------------------------------------------------- /01_SQLi/13_sqli_blindsqli_time_delays.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/01_SQLi/13_sqli_blindsqli_time_delays.py -------------------------------------------------------------------------------- /01_SQLi/14_sqli_blindsqli_time_delay_data_exfil.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/01_SQLi/14_sqli_blindsqli_time_delay_data_exfil.py -------------------------------------------------------------------------------- /01_SQLi/15_sqli_blindsqli_OOB_interaction.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/01_SQLi/15_sqli_blindsqli_OOB_interaction.py -------------------------------------------------------------------------------- /01_SQLi/16_sqli_blindsqli_OOB_exfil.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/01_SQLi/16_sqli_blindsqli_OOB_exfil.py -------------------------------------------------------------------------------- /02_Authentication/01_auth_user_enum_responses.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/01_auth_user_enum_responses.py -------------------------------------------------------------------------------- /02_Authentication/02_auth_user_enum_subtle.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/02_auth_user_enum_subtle.py -------------------------------------------------------------------------------- /02_Authentication/03_auth_user_enum_response_timing.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/03_auth_user_enum_response_timing.py -------------------------------------------------------------------------------- /02_Authentication/04_auth_broken_bruteforce_ip_block.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/04_auth_broken_bruteforce_ip_block.py -------------------------------------------------------------------------------- /02_Authentication/05_auth_user_enum_account_lock.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/05_auth_user_enum_account_lock.py -------------------------------------------------------------------------------- /02_Authentication/06_auth_broken_bruteforce_multiple_creds_per_req.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/06_auth_broken_bruteforce_multiple_creds_per_req.py -------------------------------------------------------------------------------- /02_Authentication/07_auth_2FA_simple_bypass.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/07_auth_2FA_simple_bypass.py -------------------------------------------------------------------------------- /02_Authentication/08_auth_2FA_broken_logic.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/08_auth_2FA_broken_logic.py -------------------------------------------------------------------------------- /02_Authentication/09_auth_2FA_brute_force.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/09_auth_2FA_brute_force.py -------------------------------------------------------------------------------- /02_Authentication/10_auth_bruteforce_stayloggedin_cookie.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/10_auth_bruteforce_stayloggedin_cookie.py -------------------------------------------------------------------------------- /02_Authentication/11_auth_offline_pw_cracking.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/11_auth_offline_pw_cracking.py -------------------------------------------------------------------------------- /02_Authentication/12_auth_pw_reset-broken_logic.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/12_auth_pw_reset-broken_logic.py -------------------------------------------------------------------------------- /02_Authentication/13_auth_pw_reset_poisoning_middleware.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/13_auth_pw_reset_poisoning_middleware.py -------------------------------------------------------------------------------- /02_Authentication/14_auth_brute_force_pw_change.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/14_auth_brute_force_pw_change.py -------------------------------------------------------------------------------- /02_Authentication/add_passwords.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/add_passwords.py -------------------------------------------------------------------------------- /02_Authentication/add_users.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/add_users.py -------------------------------------------------------------------------------- /02_Authentication/burp_pass.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/burp_pass.csv -------------------------------------------------------------------------------- /02_Authentication/burp_pass_quotes.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/burp_pass_quotes.py -------------------------------------------------------------------------------- /02_Authentication/burp_passlist.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/burp_passlist.txt -------------------------------------------------------------------------------- /02_Authentication/burp_userlist.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/burp_userlist.txt -------------------------------------------------------------------------------- /02_Authentication/burp_users.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/burp_users.csv -------------------------------------------------------------------------------- /02_Authentication/logged_in_cookie.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/logged_in_cookie.py -------------------------------------------------------------------------------- /02_Authentication/split_users.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/02_Authentication/split_users.py -------------------------------------------------------------------------------- /03_Directory_Traversal/01_dir_trav_simple.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/03_Directory_Traversal/01_dir_trav_simple.py -------------------------------------------------------------------------------- /03_Directory_Traversal/02_dir_trav_seq_blocked.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/03_Directory_Traversal/02_dir_trav_seq_blocked.py -------------------------------------------------------------------------------- /03_Directory_Traversal/03_dir_trav_trav_seq_str_non_rec.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/03_Directory_Traversal/03_dir_trav_trav_seq_str_non_rec.py -------------------------------------------------------------------------------- /03_Directory_Traversal/04_dir_trav_trav_seq_str_url.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/03_Directory_Traversal/04_dir_trav_trav_seq_str_url.py -------------------------------------------------------------------------------- /03_Directory_Traversal/05_dir_trav_val_path_start.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/03_Directory_Traversal/05_dir_trav_val_path_start.py -------------------------------------------------------------------------------- /03_Directory_Traversal/06_dir_trav_filetype_val.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/03_Directory_Traversal/06_dir_trav_filetype_val.py -------------------------------------------------------------------------------- /04_Command_Injection/01_cmd_inj_simple.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/04_Command_Injection/01_cmd_inj_simple.py -------------------------------------------------------------------------------- /04_Command_Injection/02_cmd_inj_blind_time_delay.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/04_Command_Injection/02_cmd_inj_blind_time_delay.py -------------------------------------------------------------------------------- /04_Command_Injection/02_cmd_inj_blind_time_delay_loop.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/04_Command_Injection/02_cmd_inj_blind_time_delay_loop.py -------------------------------------------------------------------------------- /04_Command_Injection/03_cmd_inj_blind_output_redirection.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/04_Command_Injection/03_cmd_inj_blind_output_redirection.py -------------------------------------------------------------------------------- /04_Command_Injection/04_cmd_inj_blind_OOB_interaction.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/04_Command_Injection/04_cmd_inj_blind_OOB_interaction.py -------------------------------------------------------------------------------- /04_Command_Injection/05_cmd_inj_blind_OOB_data_exfil.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/04_Command_Injection/05_cmd_inj_blind_OOB_data_exfil.py -------------------------------------------------------------------------------- /05_Business_Logic_Vulns/03_logic_low-level_flaw.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/05_Business_Logic_Vulns/03_logic_low-level_flaw.py -------------------------------------------------------------------------------- /05_Business_Logic_Vulns/random_string_generator.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/05_Business_Logic_Vulns/random_string_generator.py -------------------------------------------------------------------------------- /08_File_Uploads/01_file_rce_webshell.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /08_File_Uploads/06_file_polyglot.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/08_File_Uploads/06_file_polyglot.php -------------------------------------------------------------------------------- /08_File_Uploads/php_more_versatile.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /08_File_Uploads/php_one_liner.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/08_File_Uploads/php_one_liner.php -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/pageinsec/portswigger_academy/HEAD/README.md -------------------------------------------------------------------------------- /SQLi/README.md: -------------------------------------------------------------------------------- 1 | Moved to https://github.com/pageinsec/portswigger_academy/tree/main/01_SQLi 2 | --------------------------------------------------------------------------------