Web Security Labs

A collection of web security testing tools to help security professionals and enthusiasts audit web applications with efficiency and ease.

Match and Replace

Learn how to use M&R - a powerful tool for finding and replacing patterns in HTTP requests and responses.

Open Lab

IDOR Vulnerability

Explore how Insecure Direct Object References can expose sensitive user information and learn to identify these vulnerabilities.

Open Lab

Too Many Requests

Learn how to filter information with HTTPQL and how it can be used to scan for hidden information.

Open Lab

ShaSigned

Learn how to use convert workflows to really speed up your testing process.

Open Lab

CSRF via Content-Type

Explore how improper content-type handling can lead to CSRF vulnerabilities, even with SameSite cookies.

Open Lab

Session Monitor

Learn how to track session ID changes and monitor session behavior using Caido workflows for session management testing.

Open Lab

XSS Lab

Discover two types of reflected XSS vulnerabilities, one in an HTML context and one in a JavaScript context.

Open Lab