Web

This contains my (attempted) explanations of some web vulnerabilities, and writeups of whatever CTFs / labs / bug bounties I have done to exploit these (mainly from PortSwigger Web Academy).

Almost all website vulnerabilities are caused by the LACK OF USER INPUT SANITISATION. Never ever trust the user's input!

Websites can use the Model, Viewer and Controller (MVC) framework to organise code logically, making it easier for developers to maintain and update applications, and having an understanding of MVC frameworks can help us do white-box testing more effectively.