
BSCP

2023

Race Conditions - Applied Review
·12 mins
web BSCP
What Are Race Conditions? Race conditions are relatively common and are closely related to business logic flaws.
File Upload - Applied Review
·10 mins
web BSCP
What Are File Upload Vulnerabilities? These vulnerabilities are often present when web applications contain file upload functionality that does not sufficiently validate things like the file’s name, type, contents, or size.
Access Control - Applied Review
·5 mins
web BSCP
What is Access Control? Access control is how we describe the constraints that we place on an authorized user in the context of accessing resources and performing actions.
Business Logic Flaws - Applied Review
·7 mins
BSCP web
What Are Business Logic Vulnerabilities? Business logic vulnerabilities are flaws in the design or implementation of an application that let attackers produce unintended behavior.
Information Disclosure - Applied Review
·4 mins
web BSCP
Information disclosures seem to be highly contextual depending on where you find them and what kinds of protections are in place.
OS Command Injection - Applied Review
·4 mins
web BSCP
What is OS Command Injection? This type of command injection allows attackers to execute system commands on the server that is running the vulnerable application.
Path Traversal - Applied Review
·6 mins
web BSCP
This will be one of the much shorter entries in the list of applied review sections because path traversal is pretty straightforward.
Authentication - Applied Review
·27 mins
web BSCP
For this applied review, we are going to go through authentication, which is an important part of securing your web applications.
SQL Injection - Applied Review
·19 mins
web BSCP
The goal of this applied review is to review SQL injection techniques taught in the PortSwigger labs and to apply those strategies to CTF challenges.