## https://sploitus.com/exploit?id=3B448EB8-2E8A-5A12-AC36-890F075E6622
# PortSwigger Web Security Academy โ Lab Notes
Notes from completed PortSwigger Web Security Academy labs. Each write-up covers the vulnerability class, exploitation technique, payload breakdown, and remediation.
---
## Completed Labs
| Lab | Vulnerability Class | Difficulty |
|---|---|---|
| [SQL Injection UNION Attack](sql-injection-union-attack.md) | `sql-injection` `union-based` | Practitioner |
| [Reflected XSS โ HTML Context](reflected-xss-html-context.md) | `xss` `reflected` | Apprentice |
| [Authentication Bypass via Timing](authentication-bypass-timing.md) | `broken-auth` `timing-attack` `ip-bypass` | Practitioner |
---
## Tags
`#sql-injection` `#union-attack` `#xss` `#reflected-xss` `#broken-authentication`
`#timing-side-channel` `#bcrypt` `#x-forwarded-for` `#burp-suite` `#owasp`
---
## Disclaimer
All labs documented here are from PortSwigger's intentionally vulnerable training environment. No real systems were tested. These notes are for educational purposes only.