PGP
HackerOne
Yogosha
YesWeHack
TryHackMe
HackTheBox
CodeWars
Buy Me a Coffee
Defeating XSS filters using unexpected HTML tags and attributes
Partial disclosure of a bug bounty report: defeating XSS filters using unexpected HTML tags and attributes.
Recent Posts
Breaking the perimeter by exploiting routing-based SSRF via a misconfigured load balancer
Partial disclosure of a bug bounty report: breaking the perimeter by exploiting routing-based SSRF via a misconfigured load balancer.
HackerNight 2024: my first live hacking event
Review of my experience at the HackerNight live hacking event in RootedCON and how I got the first blood on one of the customers.
VulNyx: Diff3r3ntS3c
Writeup of the machine Diff3r3ntS3c from VulNyx.
VulNyx: HackingStation
Writeup of the machine HackingStation from VulNyx.
Human 1 - sqlmap 0: defeating automation through manual exploitation
Partial disclosure of a bug bounty report: human 1 - sqlmap 0, defeating automation through manual exploitation.
Defeating XSS filters using unexpected HTML attributes
Partial disclosure of a bug bounty report: defeating XSS filters using unexpected HTML attributes.
Subdomain takeover via unclaimed Azure VM
Partial disclosure of a bug bounty report: subdomain takeover via unclaimed Azure VM.
Reflected XSS through POST request in a login form
Partial disclosure of a bug bounty report: reflected XSS through POST request in a login form.
Reflected XSS in search filter clear button in an e-commerce website
Partial disclosure of a bug bounty report: reflected XSS in search filter clear button in an e-commerce website.