Blog Posts
2025
Chaining XPath injections into DOM based XSS
2025-05-15
form-action Content-Security-Policy Bypass And Other Tactics For Dealing With The CSP
2025-01-19
2024
Running javascript without using parentheses
2024-10-31
SQL injection filter evasion cheat sheet
2024-10-25
Bypassing Browsers' Defenses Against Dangling Markup Injections
2024-04-02
HTML elements can overwrite javascript variables
2024-03-20
Tool for scanning the Import and Export tables in Windows binaries.
2024-02-28
2023
Tool for finding RPO vulnerabilities, a new type of vulnerability
2023-08-13
LoginCrack.py -- More Methods For Breaking Web Logins
2023-08-09
High Speed Methods For Blind SQL Injections
2023-08-04
Bypasses for the some of the most popular WAFs
2023-08-03
XSS filter/WAF evasion through invalid escapes
2023-07-28
Modern XPath Exploitation
2023-07-21
Using XSS Polyglots For Detecting Blind XSS Vulnerabilities
2023-07-12
SQL Injection Detection Optimization
2023-07-12
Hello world!
2023-07-11
Published @ 2023-07-13 13:56