Hone your Ninja skills: Solution Thought Process
In today's advanced world, where security is embedded in most organisations, how many times have you faced input validation and assumed it was safe to let it go?
This booklet is a companion to the challenges "Bypasses in Input Restriction" hosted at https://honeyourskills.ninja/. It should be purchased and consulted only after you have spent a considerable amount of time on the challenge. This booklet is not for those who just want a direct copy-paste one-liner solution snippet for cracking the challenge, which yields no benefit in internalizing the skills and mindset gained from the challenge. Whenever possible, I provide only a 90% hint for the challenge, so that you can complete the remaining 10% with a little spark of thought like “Oh, I got it!”.
The solution is typically structured as follows:
- Root cause - Where developers went wrong and failed to prevent the bug. Putting yourself in the developers' shoes makes it much easier to help them fix the issue in the most efficient manner.
- Techniques to bypass input filters - A short list of known bypass techniques.
- How to apply the techniques - How you can apply the techniques in each challenge.
This booklet is a living document and may be updated in a timely manner with more details, additional challenges of the same nature in line with site updates, and errata corrections, based on readers’ feedback or whenever deemed necessary.
I wish you an enjoyable, thrilling learning experience.