Showcases and Tutorials about Coding projects I do, or tools I make. To show how a tool works, or how I made it. Everything is mostly done in Python because of its ease of use.
Cache Deception on my new site!
A fun story about discovering my site was vulnerable to Cache Deception, allowing the visit of a link by me to leak all hidden blog posts to an attacker, thanks to URL-decoding and Path Traversals to confuse cache rules
How I got a Shodan Favicon Hash = 1337
Analysis of the Shodan hashing algorithm for favicons to brute force and pre-image any hash. With a caching trick to reduce the required computation a ton, packed into a new CLI tool to do the same in seconds
Reflected XSS on my own site!
A short post about an interesting Reflected Cross-Site Scripting (XSS) vulnerability in this very site, but was not exploitable due to Content Security Policy