How to solve an XSS challenge from Intigriti in under 60 minutesWriteup to Intigriti’s 0621 XSS challengeJun 27, 20212Jun 27, 20212
Blind SQL Injection without an “in”Alternative ways to retrieve table names in MySQL — without information_schema.Jan 7, 2020Jan 7, 2020
Clobbering the clobbered vol. 2Write-up based on “simple” XSS challenge by @terjanqDec 27, 2019Dec 27, 2019
Massive XS-Search over multiple Google productsA couple of months back, I took a part in researching dangers that come from Cache Probing Attack and new ways to exploit the…Nov 12, 2019Nov 12, 2019
Clobbering the clobbered — Advanced DOM ClobberingBased on @SecurityMB XSS ChallengeSep 26, 20193Sep 26, 20193
How I am able to hijack you.or rather: How I am able to hijack your autosuggestions in Google Search.Apr 3, 20191Apr 3, 20191
Published inInfoSec Write-upsGoogle Books X-HackingCross-Site Search on Google Books by abusing the XSS AuditorMar 21, 20192Mar 21, 20192