Blog


Search

Featured posts

Web XSS Filter Bypass

Intigriti July XSS Challenge (0725)

My author's writeup of the July 2025 challenge. Perform Mutation XSS to DOM Clobber an change the insertion point into an iframe, then bypass the CSP using a new useful Socket.IO gadget

Web Scripting XSS CSS

Nonce CSP bypass using Disk Cache

The solution to my small XSS challenge, explaining a new kind of CSP bypass with browser-cached nonces. Leak it with CSS and learn about Disk Cache to safely update your payload

Web Scripting Encoding RCE Windows

OBS WebSocket to RCE

Disabling password authentication of your OBS WebSocket server can have devastating consequences. We'll attack from the browser to construct an RCE payload on Windows formed from the pixels of an image, a polyglot.

External

MCP: May Cause Pwnage - Backdoors in Disguise

Together with @AtomicByte, we found some vulnerabilities in the MCP protocol, debugging tools, and scanned for internet-exposed servers. This resulted in a ton of results ranging from headless browsers, databases or code evaluators.