albinowax_
- Karma
- 0
- Created
- ()
- Submissions
- -1,891,211,166
- Drag and Pwnd: Exploiting VS Code with ASCII (portswigger.net)
- Microsoft Copilot: From Prompt Injection to Exfiltration of Personal Information (embracethered.com)
- Chaining Three Bugs to Access All Your ServiceNow Data (assetnote.io)
- ORM Leak Vulnerabilities (elttam.com)
- Getting XXE in Web Browsers Using ChatGPT (swarm.ptsecurity.com)
- Response Filter Denial of Service: shut down a website by triggering WAF rule (blog.sicuranext.com)
- Source Code Disclosure in Asp.net via Cookieless Sessions (swarm.ptsecurity.com)
- ChatGPT Account Takeover via Wildcard Web Cache Deception (nokline.github.io)
- The curl quirk that exposed Burp Suite and Google Chrome (portswigger.net)
- Brave browser’s Tor feature found to leak .onion queries to ISPs (portswigger.net)
- Cracking reCAPTCHA, Turbo Intruder Style (portswigger.net)
- The age of browser XSS filters is over (portswigger.net)
- Significant new web hacking techniques from 2018 (portswigger.net)
- Abusing Meta Programming for Unauthenticated RCE in Jenkins (blog.orange.tw)
- Turbo Intruder: Embracing the Billion-Request Attack (portswigger.net)
- An overview of the top web hacking techniques of 2017 (portswigger.net)
- Vulnerability in Hangouts Chat a.k.a. how Electron makes open redirects great (blog.bentkowski.info)
- Exploiting Open-XChange with Blind XXE via Powerpoint Files (hackerone.com)
- Detecting Same-Origin Redirections with a Bug in Firefox's CSP Implementation (diary.shift-js.info)
- Evading CSP with DOM-based dangling markup (portswigger.net)
- XSS protection disappears from Microsoft Edge (portswigger.net)