Database Security
Apr 2026
Objective: To implement Client-Side Field-Level Encryption (CSFLE) in a NoSQL environment …
Database Security
Encryption
MongoDB
Data Privacy
NoSQL Injection
Apr 2026
Objective: To identify and exploit NoSQL injection vulnerabilities within the “Vouched” …
NoSQL Injection
MongoDB
API Security
Vouched
Session Security
Apr 2026
Objective: To implement a “Secure-by-Design” framework for web applications to neutralize …
Session Security
Defense-in-Depth
Cookie Flags
Web Architecture
Cookie Theft
Apr 2026
Objective: To demonstrate the ease of unauthorized cookie acquisition and subsequent …
Cookie Theft
Session Hijacking
Web Security
Identity Theft
IDOR
Dec 2025
Objective: To identify and verify directory traversal vulnerabilities that allow …
IDOR
Path Traversal
Vulnerability Discovery
Web Security
Remediation
Dec 2025
Objective: To systematically document discovered web vulnerabilities and provide …
Remediation
Secure Coding
Vulnerability Management
Defensive Strategy
Vulnerability Scanning
Dec 2025
Objective: To utilize automated scanning tools to perform comprehensive reconnaissance and …
Vulnerability Scanning
OWASP ZAP
Reconnaissance
Security Assessment
SQL
Oct 2025
Objective: To leverage a compromised web shell to gain unauthorized access to the backend …
SQL
Database Security
Data Breach
Dump
CSRF
Aug 2025
Objective: To exploit missing request verification to perform unauthorized actions on …
CSRF
Session Management
OWASP
Auth Bypass
XSS
Aug 2025
Objective: To identify and exploit an unsafe JavaScript “sink” to execute arbitrary code …
XSS
JavaScript
Security Engineering
Remediation
SQLi
Aug 2025
Objective: To demonstrate how unsanitized user input allows attackers to bypass …
SQLi
WebGoat
Database Security
Parameterized Queries