Hello friends,
I’m Rem01x and I’m currently preparing for the eWPTX exam, so I will be walking through all the PortSwigger labs and making writeups for all of them.
Let’s start now.
Assume that we have this website.

Now, let’s log in to our account.

Now, let’s go to Burp and check the requests.

Please notice the CORS header in the response.
Now, let’s try adding the Origin header to see if it is reflected.

It seems that the Origin header is not reflected back to us.
Now, let’s try the Origin header with the null value.

Nope, that didn’t work either.
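
The two probes above (an arbitrary Origin, then `null`) come down to comparing the Origin that was sent with the CORS headers that came back. The following is an added example, not part of the original writeup, that classifies that comparison when auditing an endpoint's responses; the function names and every header value in it are constructed assumptions, not captured from the lab.

```python
# Added example: classify how a response's CORS headers react to a probe Origin.
# All origins and header values here are constructed samples.

def classify_cors(sent_origin, response_headers):
    """Return a finding for one probe: the Origin sent vs. the headers returned."""
    # HTTP header names are case-insensitive, so normalise before lookup.
    h = {k.lower(): v.strip() for k, v in response_headers.items()}
    acao = h.get("access-control-allow-origin")
    creds = h.get("access-control-allow-credentials", "").lower() == "true"

    if acao is None:
        return "no-acao"        # no cross-origin read access granted for this Origin
    if acao == "*":
        return "wildcard"       # browsers refuse to pair this with credentials
    if acao == sent_origin:
        # Only meaningful when the probe Origin is one the site should NOT trust;
        # an allowlisted origin is echoed back by a correct configuration too.
        kind = "null-accepted" if sent_origin == "null" else "origin-reflected"
        return kind + ("+credentials" if creds else "")
    return "fixed-origin"       # server answered with some other, fixed value


def run_probes(probes):
    """probes: list of (sent_origin, response_headers) -> list of (origin, finding)."""
    return [(origin, classify_cors(origin, hdrs)) for origin, hdrs in probes]


# Constructed responses matching what the walkthrough observed: a CORS header is
# present, but neither the arbitrary Origin nor "null" is echoed back.
OBSERVED_LIKE = [
    ("https://probe.example", {"Access-Control-Allow-Credentials": "true"}),
    ("null", {"Access-Control-Allow-Credentials": "true"}),
]

# Constructed contrast cases: what a permissive configuration would return.
PERMISSIVE_LIKE = [
    ("https://probe.example", {"access-control-allow-origin": "https://probe.example",
                               "access-control-allow-credentials": "true"}),
    ("null", {"Access-Control-Allow-Origin": "null",
              "Access-Control-Allow-Credentials": "true"}),
]

if __name__ == "__main__":
    for origin, finding in run_probes(OBSERVED_LIKE + PERMISSIVE_LIKE):
        print(f"{origin:24} -> {finding}")
```
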