This series summarizes my OSWE / WEB-300 learning notes, focusing on source code review, exploit chain analysis, authentication bypass, deserialization, server-side vulnerabilities, client-side security issues, and real-world vulnerability research patterns.

  • Instructional Notes Part 1
    Code Review Foundations and SQL Injection
    Managed .NET Code, Decompiling Java Classes, AMUserResourcesSyncServlet SQL Injection Attack, PostgreSQL Extensions, etc.

  • Instructional Notes Part 2
    Deserialization and Server-Side Template Injection
    XmlSerializer, DotNetNuke Cookie Deserialization RCE, SSTI Attack, ERPNext Authentication Bypass, etc.

  • Instructional Notes Part 3
    Authentication Bypass, XXE, and XSS
    Password Reset Vulnerability, XML Parsing, XXE Exploit, Web Shells, openCRX Authentication Bypass and RCE, openITCOCKPIT XSS, DOM-based XSS, etc.

  • Instructional Notes Part 4
    WebSocket Security, SOP, CORS, and CSRF
    WebSocket Client, Concord Authentication Bypass and RCE, Same-Origin Policy (SOP), Cross-Origin Resource Sharing (CORS), SameSite, CORS + CSRF, DatabaseModule API Leak, etc.

  • Instructional Notes Part 5
    SSRF and Prototype Pollution Exploitation
    Server-Side Request Forgery (SSRF), SSRF Port Scanning, SSRF Subnet Scanning, Render API Authentication Bypass, Prototype Pollution, EJS Prototype Pollution RCE Exploitation, Handlebars Prototype Pollution RCE Exploitation, etc.

  • Instructional Notes Part 6
    Dangerous Functions, Eval Filter Bypass, and WAF Bypass
    Dangerous Functions, Security Filter Bypass to Trigger Eval, Dolibarr Eval Filter Bypass RCE, PostgreSQL Injection, WAF Bypass, Coraza WAF, RudderStack SQL Injection and Coraza WAF Bypass, etc.