Host & Short your XSS payload with SurgeEverything should be made as simple as possible, but not simplerNov 20, 2023Nov 20, 2023
Bypass Flutter Protection — Hooking Verify FunctionSimon says, listen to my proxy!Apr 5, 2023Apr 5, 2023
JWT weak secret — MongoDB Object IDs Prediction to Account TakeoverPredict like a magician, craft like a blacksmithJan 25, 2023Jan 25, 2023
AbuseHumanDB — HackTheBox Write-UpEn el primer post de este blog vamos a examinar un challenge de Hack The Box llamado “AbuseHumanDB” y como efectuar un Blind XS Leak+ CORS…Nov 27, 2021Nov 27, 2021