PortSwigger OAuth 2.0 authentication

OAuth 2.0 authentication vu...

PortSwigger

从 0 开始搭建 Agent

基于 Google AI Studio / Gemini API 的猫娘天气查询系统

AI

CVE-2026-9848 => WP Ticket 插件未授权 SQL 注入

WP Ticket <= 6.0.4

SQL 注入

ZoodPay WooCommerce 插件退款回调链路分析:公开入口、失效验签与未参数化 SQL

在审计 zoodpay 插件时,我关注到一条完整的风险链:

SQL 注入

CVE-2026-3657 My Sticky Bar <= 2.8.6 - Unauthenticated SQL Injection

My Sticky Bar Plugin <= 2.8.6

SQL 注入

PortSwigger Cross-site request forgery (CSRF)

CSRFLab: CSRF vulnerability...

PortSwigger
she11f 的 2025 年终总结

PortSwigger NoSQL injection

Lab: Detecting NoSQL inject...

PortSwigger

PortSwigger JWT attacks

JWT attacksLab: JWT authent...

PortSwigger

PortSwigger Api Testing

Api Testing Lab: Exploiting...

PortSwigger
1235