Skip to content

Linux Security Blog

How Hackers Work

Search
  • Home
  • Shep Tutorials
    • Set Up Security Shepherd On VMWare
    • Failure To Restrict Access – Solution
    • Insecure DOR – Solution
    • Poor Data Validation – Solution
    • Security Misconfiguration – Solution
    • Insecure Direct Object Reference 2 Solution
    • Cross Site Scripting One Solution
    • SQL Injection Solution
    • OWASP Security Shepherd – Failure To Restrict Access Solution
    • Session Management Challenge One – Solution
  • GNS3 Series
    • Install GNS3 2.2 on Windows10 | Download Link Included
    • Import VirtualBox Images to GNS3
  • Python Series
    • Part I
    • Part II
  • About

Search Results for: security shepherd

AppSec…

OWASP Security Shepherd- Session Management Challenge One – Solution – LSB

12 Oct 201812 Oct 2018
We have another solution in the OWASP Security Shepherd challenges and we enjoyed completing this one. You can find out about Session Management from OWASP here. So let's get on…
AppSec…

OWASP Security Shepherd – Failure To Restrict Access Solution – LSB

27 Sep 201827 May 2019
Am I Vulnerable To 'Failure to Restrict URL Access'? The best way to find out if an application has failed to properly restrict URL access is to verify every page. Consider for…
AppSec…

OWASP Security Shepherd – Insecure Cryptographic Storage Challenge 1 Solution – LSB

21 Sep 2018
Thanks for visiting and today we have another OWASP Security Shepherd Solution for you. This time it's the Insecure Cryptographic Storage Challenge. Cryptography is usually the safest way to communicate…
AppSec…

OWASP Security Shepherd – SQL Injection Solution – LSB

15 Sep 201819 Sep 2019
A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data…
AppSec…

OWASP Security Shepherd – Cross Site Scripting One Solution – LSB

12 Sep 201812 Sep 2018
Welcome back to LSB my budding hackers. Today's lesson is about Cross Site Scripting (Or XSS).  Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected…
AppSec…

OWASP Security Shepherd – Insecure Direct Object Reference Solution – LSB

10 Sep 2018
Welcome back to the Security Shepherd solutions from LSB. This was quite an interesting puzzle and it took a few tries to get the key. Insecure Direct Object Reference (called IDOR from here) occurs when…
AppSec…

OWASP Security Shepherd – Failure To Restrict Access Solution – LSB

7 Sep 20187 Sep 2018
What is Failure to Restrict URL Access Vulnerability/Threat? Failure to restrict URL access occurs in applications hide functionality from non-privileged users. In an application that fails to restrict URL access, administration…
AppSec…

OWASP Security Shepherd – Security Misconfiguration – Solution – LSB

2 Nov 201712 Dec 2019
Welcome back to another OWASP Security Shepherd solution. This challenge is called Security Misconfiguration. So we are given a Username and Password field and we can get the result key…
AppSec…

Owasp Security Shepherd – Poor Data Validation – Solution – LSB

8 Sep 201710 Jun 2019
Welcome hackers to a new OWASP Security Shepherd solution. The challenge in question is the Poor Data Validation and this happens when data is only checked on the client side.…
Cyber Security

OWASP Security Shepherd – Insecure Direct Object Reference – Solution -LSB

23 Aug 20171 Aug 2018
If you have followed the steps in my earlier blog you will have set up  Security Shepherd on your Virtual machine platform. If you have got that far, continue. If…
AppSec…

Installing Security Shepherd on VMWare Workstation 12 Player

21 Aug 201726 Jul 2018
In this post we will install Security Shepherd. A vulnerable web app for us to hack. You can download the ISO image here. Once you download the software, depackage it,…
AppSec…

Security Shepherd Solutions

20 Aug 201715 Oct 2018
The OWASP Security Shepherd project is a web and mobile application security training platform. Security Shepherd has been designed to foster and improve security awareness among a varied skill-set demographic.…

RSS ls -a /Zer0Days

  • [remote] SmartRG Router SR510n 2.6.13 - Remote Code Execution 11 Nov 2022
  • [webapps] CVAT 2.0 - Server Side Request Forgery 11 Nov 2022
  • [local] IOTransfer V4 - Unquoted Service Path 11 Nov 2022
  • [remote] AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 - Path Traversal 11 Nov 2022
  • [remote] MSNSwitch Firmware MNT.2408 - Remote Code Execution 11 Nov 2022

Follow Us

  • Twitter
  • Facebook
  • Tumblr
  • Reddit

RSS Crypto News

  • An error has occurred; the feed is probably down. Try again later.

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 2,438 other subscribers

ls /categories

AppSec Attacks Bugs Cryptography Cyber Security Education Encryption Entertainment Exploits Hacking Linux Open Source Operating Systems OWASP Penetration Testing Privacy Security Technology Tips Tutorials

ls /comments

Foster Eli on Best Darkweb Links
crypstalk21 on Securing Your Crypto Wallet
kioptrix vm on PenTesting: Gaining Root Privi…
Johnny Dickman (@Dar… on The Darknet 2019
XXS Attack – P… on Payload in PDF
Fred (@Fred37063593) on The Hidden Wiki

ls -a -v /community

ls /MostVisited

  • Best Darkweb Links
    Best Darkweb Links
  • Payload in PDF
    Payload in PDF
  • Write a Ping Sweeper in 4 Lines of Bash
    Write a Ping Sweeper in 4 Lines of Bash
  • Crack WPA Handshake using Aircrack with Kali Linux
    Crack WPA Handshake using Aircrack with Kali Linux
  • Find Vulnerable Devices On The Internet With Shodan
    Find Vulnerable Devices On The Internet With Shodan
  • Windows Takeover with a PDF File
    Windows Takeover with a PDF File
  • How to create an I2P Darknet site
    How to create an I2P Darknet site
  • How To Use Netcat to Establish and Test TCP and UDP Connections
    How To Use Netcat to Establish and Test TCP and UDP Connections
  • BlueKeep - Exploit Windows (RDP Vulnerability) Remotely
    BlueKeep - Exploit Windows (RDP Vulnerability) Remotely
  • Heartbleed Discovery and Exploit
    Heartbleed Discovery and Exploit

ls /Archives

Follow Linux Security Blog on WordPress.com

We Use Social Media

  • Twitter
  • Reddit
  • Facebook
  • Tumblr
  • Pinterest
  • YouTube
Create a website or blog at WordPress.com
Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy
  • Follow Following
    • Linux Security Blog
    • Join 269 other followers
    • Already have a WordPress.com account? Log in now.
    • Linux Security Blog
    • Customize
    • Follow Following
    • Sign up
    • Log in
    • Report this content
    • View site in Reader
    • Manage subscriptions
    • Collapse this bar