Always a good idea to just browse the website tabs/pages
Often there will be JS in the inspector that leads to a page not listed in tabs
Check here for pages that may not be properly paywalled/login protected!
Sometimes there is more than meets the eye to the urls you can see being used…
hint: sometimes too much info is given out ;)
Task 3 - Viewing the page source
The code given on a successful (or sometimes partically successful) request to a webserver
Neat thing: adding view-source:<url> pulls up the code without inspect element
Always look for comments! Sometimes they can be super buried, so you can always ctrl-f for <!--
See if there is a framework being used for static/dynamic site generation- is the version being used behind?
If it is, chances are there may be a security flaw!
Task 4 - Developer Tools - Inspector
This task went over some basic HTML/CSS things
Always see if a page “blocker” (adblock-blocker, premium) is just a div hiding it, may be common sense but I never thought of it beyond the scope of paywalled articles.
Task 5 - Developer Tools - Debugger
Use breakpoints! These will stop the execution of some JS midway, or at a certain point. Breaking things that aren’t expected to be broken can lead to interesting things ;)
Task 6 - Developer Tools - Network
There may be hidden things in the headers AND response payloads, make sure to check both, even for something simple…