Skip to content

Scripts for solving WebSecurity Academy labs of PortSwigger using Python

License

Notifications You must be signed in to change notification settings

elqal3awii/WebSecurity-Academy-with-Python

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Static Badge Static Badge Static Badge Static Badge Static Badge

WebScurity Academy

Disclaimer

This repository is for educational purposes only, and I am not responsible for using any of the techniques described here for illegal usage.

Prerequisites

While I've written Hack Steps for each lab to guide you in writing scripts, the repository assumes that you already know how to solve the labs and want to do so using scripts to practice writing robust ones. That means you may not find a detailed explanation for some payloads.

Utilizing Burp Suite

I utilized the Burp Collaborator in labs requiring out-of-band interactions. To follow these labs, you'll need a licensed version of Burp Pro, or you can modify the scripts to utilize a remote server under your control.

Easy Labs

There are some labs that you may find trivial in their solutions and don't necessarily require a script. In fact, solving them without a script might be faster and easier. I have only written scripts for these labs for the completeness of this repository. Feel free to skip them if you prefer.

Error Handling

Since this repository is intended for learning, I've omitted some error handling to keep things simple. I believe this won't significantly impact your testing of scripts.

Reporting Issues

If you encounter any issues or have suggestions for improvement while working with these scripts, feel free to open an issue. Your feedback is valuable, and I appreciate your contributions to enhance the learning experience for everyone.

Python Alternatives

If your goal is to quickly write a script, then Python will be your best friend. However, if you prioritize efficiency, seeking faster runtime and script robustness, there are better options available than Python. I recommend checking out the WebSecurity Academy with Rust repository in which I have solved the same labs using Rust in both single-threaded and multi-threaded programming approaches.

Support ✨

If you appreciate the work and find it valuable, please consider giving this repository a star. Your support is greatly appreciated and helps to showcase the popularity and significance of the project.