This repository contains my personal security writeups for
PortSwigger Web Security Academy labs.
Each lab is documented in:
- English
- Arabic
The focus of these writeups is not only solving the lab, but understanding vulnerabilities from an attacker's mindset:
- Why the vulnerability exists
- How it can be exploited
- What impact it has
- How it should be properly fixed

- Broken Access Control (OWASP Top 10 - A01:2025)
- SQL Injection
- Cross-Site Scripting (XSS)
- Authentication & Authorization
- Business Logic Vulnerabilities

- Improve exploitation methodology
- Develop security thinking
- Practice clear and professional documentation
- Build a public learning portfolio

All labs are intentionally vulnerable and provided by
PortSwigger Web Security Academy.
This content is for educational purposes only.

Ghassan Al-Mansouri
Cybersecurity | Web Security | Pentesting