This is also my methodology when learning. In addition to this, when reading a blog post about a vulnerability, say, for example, the writer talked about the application having a functionality to comment on a blog post, or the writer showed a screenshot of the Burp HTTP request, take a minute before continuing with the rest of the write-up and ask yourself, "If I were to be the one with this request, what would I have done?" List out all the things you would have tried out, then continue. If the list of things you noted down is among what the writer tried, then that’s good, and if it’s not, don’t be too hard on yourself, just add it to your own checklist. Thanks for the write-up, man.

