Divya Patel

Featured in: Favicon

medium.com Favicon

mdpi.com

bmj.com

biomedcentral.com Favicon

cell.com

thelancet.com Favicon

dev.to

businesstimes.com.sg Favicon

jci.org

mediabrief.com + 9 more

Articles

High-level logic vulnerability is the business logic vulnerability in the Portswigger

Dec 7, 2024 | medium.com | Divya Patel

After the lab get started …Open the Burp Suite and close the intercept if it is on. Agenda: Buy the “Lightweight l33t leather jacket”. Let Get Started:First of all ,Login in the account by the given credentials. For example: wiener:peter. Go to the Home and try to buy the jacket but there is a cache that you can’t buy that as the price of the jacket is higher than the given store credit. So we have bypass that and buy the jacket. Now click on the view details of jacket and add in the cart.
Broken brute-force protection, multiple credentials per request in Portswigger

Nov 21, 2024 | medium.com | Divya Patel

Divya Patel·Follow3 min read·--Once the lab get started -> My AccountIn the BurpSuite turn off the intercept if it is on. On the My Account page you will find the login page, enter Carlos as username and any incorrect password for 4 times in row. You will notice the following error:Now go to burp suite and observe the request then you will find the username & password are sent in JSON format as:First send the above request to the repeater and change the username from wiener to carlos .
CSRF where token validation depends on token being present lab in the Portswigger.

Nov 21, 2024 | medium.com | Divya Patel

Divya Patel·Follow4 min read·--It is Medim Level security lab. Once the lab get started login with the given credentials in the lab:weiner:peter. Open up the burpsuite and turn off the intercept if it is on. After that open the proxy tab and open the browser, copy the lab url and paste in the browser. Here login with the given credentials and click on the login button. After login you will get the email change functionality in the my account page.
Reflected XSS into HTML context with nothing encoded In Portswigger

Nov 20, 2024 | medium.com | Divya Patel

Divya Patel·FollowJust now--After the lab get started turn off the intercept ,if it is turn on in the BurpSuite. After that you will notice that there is a serach bar where you can test for the reflected xss vulnerability. In that serach bar enter any thing as you like for test. You cn see that the word that you have been written in the serach bar is reflecting. From that you have get the idea that it is reflected xss. Now enter the paylod — <script>alert(“You have hacked ”)</script> and Click Enter.
SQL Injection (Medium Level) in DVWA.

Nov 20, 2024 | medium.com | Divya Patel

Divya Patel·Follow3 min read·--In this arcticle you will learn how to bypass system and get the sensitive information using the sql injection in the DVWA. First of all you can checkout my lastest arcticle on medium which is related to this. This is the link of that :First of all I am requesting that first understand that arcticle to know this better.
How to Setup the DVWA in the Kali Linux

Nov 19, 2024 | medium.com | Divya Patel

Divya Patel·Follow5 min read·--How to setup any vulnerable machine. Actually , this is very easy . So in this arcticle let us steup the DVWA vulnerable machine. DVWA is designed for practice some most common web vulnerability. It is made with PHP and MySQL. So First of all open your terminal in the kali linux . After that go to the location/path which is /var/www/html as all the localhost files are stored here. Now enter the command cd /var/www/html in terminal.
CSRF where token validation depends on request method

Nov 17, 2024 | medium.com | Divya Patel

Divya Patel·Follow4 min read·--Image of the CSRF where token validation depends on request method. Solution:Go to exploit serverAfter the lab get strated -> My Accuont(page). Open up the Burpsuite , turn off the Intercept if it is on ,& open the Burpsuite browser from the Proxy or Intrecept tab in the Burpsuite. After that go to the My Account Tab and enter with te default credentials that has been given in the lab.
Password Reset Broken Logic Walkthrough

Oct 26, 2024 | medium.com | Divya Patel

Divya Patel·Follow3 min read·--Password Reset (Image)Solution:After the lab get started go -> My Account (page). Open up the Burp Suite and close the intercept if it is on. After that go on the My Account Page and click on the forget password link. After Clicking on the My Account PageThe Forget Password page will be appear than enter the credentials that has given by the lab For Eg:Wiener. After Entering the credentials hit on the submit button. After Clicking on the Submit Button.
Clustering-aided prediction of outcomes in patients with idiopathic pulmonary fibrosis - Respiratory Research

Oct 23, 2024 | respiratory-research.biomedcentral.com | Lijun Wang |Peitao Wu |Yi Liu |Divya Patel |Thomas Leonard |Hongyu Zhao

ReferencesRaghu G, Remy-Jardin M, Richeldi L, Thomson CC, Inoue Y, Johkoh T, et al. Idiopathic pulmonary fibrosis (an update) and progressive pulmonary fibrosis in adults: an official ATS/ERS/JRS/ALAT clinical practice guideline. Am J Respir Crit Care Med. 2022;205:e18–47. Article PubMed PubMed Central Google Scholar Fainberg HP, Oldham JM, Molyneau PL, Allen RJ, Kraven LM, Fahy WA, et al.
Rainy Clouds CSS Art 🌧️

Aug 2, 2024 | dev.to | Divya Patel

This is a submission for Frontend Challenge v24.07.24, CSS Art: Recreation. InspirationThe inspiration to create rainy clouds comes from the wonderful monsoon season we're experiencing right now.