Featured posts

Intigriti March XSS Challenge (0325)
A hard Cross-Site Scripting challenge chaining small bugs with one very hard step to leak a fragment directive using Self XSS

Cache Deception on my new site!
A fun story about discovering that my site was vulnerable to Cache Deception: if I visited an attacker's link, all hidden blog posts could leak to them, thanks to URL-decoding and Path Traversals that confuse cache rules

Pressing Buttons with Popups (on Twitch, LinkedIn and more)
Combining existing research with my own experiments to create a realistic proof of concept that forces an OAuth authorization with a single key press. Learn the ins and outs of popup blockers and focusing through URL hashes.

x3CTF - blogdog (+ new CSS Injection XS-Leak!)
A "hard web xssbot" challenge about a fun browser quirk with the is= attribute to perform CSS Injection. Bypass the strict CSP with an unintended new technique to XS-Leak a selector's result by detecting the site crashing