What is a Proof of Concept?

A Proof of Concept (PoC) in cybersecurity is a demonstration that shows how a vulnerability can be exploited to achieve an impact. It's not about full exploitation, but rather about verifying that the issue is real and can be used under certain conditions. A well-structured PoC is critical for convincing stakeholders and developers to prioritize remediation.

🚨 Why PoCs Matter

📌 Key Concepts

Clarity

Explain exactly how the vulnerability was discovered and how it can be replicated. Include URLs, parameters, payloads, headers, etc.

Minimal Impact

Show enough to prove the risk without damaging the system or data.

Repeatability

Anyone following your PoC steps should be able to reproduce the result.

🧭 How to Write a Good PoC (Step-by-Step)

  1. Describe the vulnerability: Include what, where, and how it occurs.
  2. Include context: Mention affected endpoints, roles, parameters, and requirements (auth/no auth).
  3. Build the request: Use curl, Burp Suite, Postman, or raw HTTP to demonstrate.
  4. Explain the response: Highlight what confirms the vulnerability (error message, behavior, data, etc.).
  5. Visuals (optional): Add screenshots or GIFs to make it clearer.

๐Ÿ› ๏ธ Real-World Example: IDOR PoC

Vulnerability: Insecure Direct Object Reference (IDOR) on /api/user/profile?id=

# Authenticated request with user A's token
GET /api/user/profile?id=102 HTTP/1.1
Host: vulnerable.site
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6Ikp...

# Response reveals user B's data
{
  "id": 102,
  "email": "b.user@example.com",
  "role": "editor"
}

Explanation: By simply changing the id parameter, an attacker can read data belonging to another user. The server authenticates the caller but performs no object-level authorization check, i.e. it never verifies that the authenticated user is allowed to access the requested profile.
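To make the missing check concrete, here is an added example (not code from the original article) that models the /api/user/profile?id= handler above in plain Python, first as the vulnerable version and then with the server-side ownership check that closes the IDOR. The user records, the token-to-user mapping and the helper names are constructed assumptions; the PoC replay uses user A's token to request id=102 exactly as in the report.

```python
# Constructed sample data: user A (id 101), user B (id 102), and an admin.
USERS = {
    1:   {"id": 1,   "email": "admin@example.com",  "role": "admin"},
    101: {"id": 101, "email": "a.user@example.com", "role": "viewer"},
    102: {"id": 102, "email": "b.user@example.com", "role": "editor"},
}
# Constructed token -> user id table; stands in for real JWT validation.
SESSIONS = {"token-A": 101, "token-B": 102, "token-admin": 1}

def authenticate(headers):
    """Return the caller's user id from the Authorization header, or None."""
    auth = headers.get("Authorization", "")
    if not auth.startswith("Bearer "):
        return None
    return SESSIONS.get(auth[len("Bearer "):])

def parse_id(params):
    """Return the requested id as an int, or None if it is missing/invalid."""
    try:
        return int(params["id"])
    except (KeyError, ValueError):
        return None

def vulnerable_profile(headers, params):
    """Vulnerable handler: only checks that the caller is logged in, then
    trusts the id parameter as-is (this is the behaviour the PoC proves)."""
    if authenticate(headers) is None:
        return 401, None
    target = parse_id(params)
    if target is None:
        return 400, None
    user = USERS.get(target)
    return (200, user) if user else (404, None)

def fixed_profile(headers, params):
    """Hardened handler: the caller may read only their own profile unless
    their own record (not anything in the request) carries the admin role."""
    caller = authenticate(headers)
    if caller is None:
        return 401, None
    target = parse_id(params)
    if target is None:
        return 400, None
    if target != caller and USERS[caller]["role"] != "admin":
        return 403, None   # object-level authorization failure
    user = USERS.get(target)
    return (200, user) if user else (404, None)

def reproduce_poc(handler):
    """Replay the PoC request: user A's token asking for id=102."""
    return handler({"Authorization": "Bearer token-A"}, {"id": "102"})

if __name__ == "__main__":
    print(reproduce_poc(vulnerable_profile))  # (200, user B's record)
    print(reproduce_poc(fixed_profile))       # (403, None)
```

Running reproduce_poc against both handlers is also a useful regression test: the PoC request must return 403 after the fix while the owner's own request and the admin's request still succeed.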

💡 PoC Writing Tips

📚 Additional Resources