Blog
Search
Featured posts
Finding XSS on Shazzer (literally)
How I found an XSS in Shazzer, a tool for discovering and sharing browser quirks through fuzzing. Not *using*, but *in* Shazzer. We'll explore some useful techniques with Blob URLs to unsandbox malicious content.
SvelteSpill: A Cache Deception Bug in SvelteKit + Vercel
How an AI agent found a cache deception vulnerability affecting default SvelteKit apps deployed on Vercel. Authenticated responses could be cached and exposed across users.
openECSC 2025 - kittychat-secure
Overcomplicating a hard client-side web challenge involving complex CSP script gadgets. Exploit Math.random() predictability, and learn how to use the Connection Pool to make Race Conditions easier.
Nonce CSP bypass using Disk Cache
The solution to my small XSS challenge, explaining a new kind of CSP bypass with browser-cached nonces. Leak it with CSS and learn about Disk Cache to safely update your payload