This lab contains a SQL injection vulnerability in the product category filter. The results from the query are returned in the application's response, so you can use a UNION attack to retrieve data ...

Phishing involves tricking a target into submitting their ID, password, or payment card data to an attacker. Login credentials for online banking, webmail, or e-commerce sites are among the potential ...

This section describes how to generate Standard and Compliance reports. You can send scan summary reports automatically, by email.

This extension identifies hidden, unlinked parameters. It's particularly useful for finding web cache poisoning vulnerabilities, and requires Burp Suite v2021.9 or later. It combines advanced diffing ...

This lab has a "Check stock" feature that embeds the user input inside a server-side XML document that is subsequently parsed. Because you don't control the entire XML document you can't define a DTD ...

In this section, we'll describe various ways in which HTTP request smuggling vulnerabilities can be exploited, depending on the intended functionality and other behavior of the application. In some ...

This lab contains a path traversal vulnerability in the display of product images. The application transmits the full file path via a request parameter, and validates that the supplied path starts ...

Launching labs may take some time, please hold on while we build your environment. Practise exploiting vulnerabilities on realistic targets. Record your progression from Apprentice to Expert. See ...

When you create a new site, the Scan settings > Scan configuration tab enables you to specify one or more configurations to use to scan the site. You must select a scan configuration in order to be ...

Browser security is a huge concern for both individuals and organizations. Common vulnerabilities, including insecure websites and malicious browser extensions, can impact any network, regardless of ...

This lab involves a front-end and back-end server, and the back-end server doesn't support chunked encoding. To solve the lab, smuggle a request to the back-end server, so that a subsequent request ...