A QA Engineer's Journey with Apache Guacamole By Carolina Steadham  | QA Automation Engineer Introduction In today's cybersecurity landscape, privileged access management (PAM) is critical for protecting sensitive systems. I recently completed a comprehensive QA automation project focused on testing Apache Guacamole, a clientless remote desktop gateway that provides secure access to RDP, VNC, SSH, and Telnet connections through a web browser. This project showcases my experti

1. Objective 2. Lab: Exploiting an API endpoint using documentation 3. Lab: Finding and exploiting an unused API endpoint 4. Lab: Exploiting a mass assignment vulnerability 5. Lab: Exploiting server-side parameter pollution in a query string   1. Objective:  This document showcases a set of hands-on API security testing exercises completed through the PortSwigger Web Security Academy. The goal is to demonstrate practical skills in identifying, analyzing, exploiting and mitiga