James Cao

DVWA Open HTTP Redirect Low/Medium/High Security

Use Javascript vulnerability to gain access.

Oct 20, 2025 • 2 min read

DVWA Javascript Attacks Low/Medium/High Security

Use Javascript vulnerability to gain access.

Oct 20, 2025 • 4 min read

DVWA File Upload Low/Medium/High Security

Leveraging file upload functionality to gain access to server.

Oct 16, 2025 • 3 min read

DVWA CSRF Low/Medium/High Security

CSRF attack change any accounts passwords.

Oct 16, 2025 • 3 min read

DVWA CSP Bypass Low/Medium/High Security

Bypass CSP policy and inject our desired Javascript code.

Oct 16, 2025 • 1 min read

DVWA Cryptography Low/Medium/High Security

Decode the encoded string to get the correct password.

Oct 16, 2025 • 2 min read

DVWA Command Injection Low/Medium/High Security

Get access to server resources through ping function.

Oct 16, 2025 • 2 min read

DVWA Brute Force Low/Medium/High Security

Brute-force and get the admin account credentials.

Oct 16, 2025 • 2 min read

DVWA Authorisation Bypass Low/Medium/High Security

Leveraging vulnerabilities to get access to user manager system.

Oct 16, 2025 • 2 min read

Exploting IMPOSSIBLE Security Level CSRF - DVWA

A step-by-step guide on how I exploit the IMPOSSIBLE security level of CSRF vulnerability in DVWA (Damn Vulnerable Web App).

Oct 11, 2025 • 3 min read

© 2025 James Cao. Some rights reserved.

Using the PaperMod theme for Hugo.