Defeating XSS filters using unexpected HTML tags and attributes
Partial disclosure of a bug bounty report: defeating XSS filters using unexpected HTML tags and attributes.
Partial disclosure of a bug bounty report: defeating XSS filters using unexpected HTML tags and attributes.
Partial disclosure of a bug bounty report: breaking the perimeter by exploiting routing-based SSRF via a misconfigured load balancer.
Review of my experience at the HackerNight live hacking event in RootedCON and how I got the first blood on one of the customers.
Partial disclosure of a bug bounty report: human 1 - sqlmap 0, defeating automation through manual exploitation.
Partial disclosure of a bug bounty report: defeating XSS filters using unexpected HTML attributes.
Partial disclosure of a bug bounty report: subdomain takeover via unclaimed Azure VM.
Partial disclosure of a bug bounty report: reflected XSS through POST request in a login form.
Partial disclosure of a bug bounty report: reflected XSS in search filter clear button in an e-commerce website.
Partial disclosure of a bug bounty report: TE.TE HTTP request smuggling obfuscating the TE header.
Partial disclosure of a bug bounty report: reflected XSS bypassing a 302 Security Redirect due to the presence of Javascript function calls.
Partial disclosure of a bug bounty report: time-based SQL injection in login form.
Review of my experience at the HackerNight live hacking event in RootedCON and how I got the first blood on one of the customers.
Review of the eJPT (eLearnSecurity Junior Penetration Tester), certification of eLearnSecurity intended for students interested in obtaining the necessary training that a junior pentester should have.
Writeup of the machine Diff3r3ntS3c from VulNyx.
Writeup of the machine HackingStation from VulNyx.
Research on how to bypass the HttpOnly flag via the PHP info page to exfiltrate the user cookies during an XSS exploitation.