Bypass blank,slash filter for XSS to simple trick (double-double ")
Hi, hackers.The XSS pattern I’m going to talk to you about today… but It’s not a n...
Security engineer, Bugbounty hunter, Developer and... H4cker
HTTP Desync Attack 에 대해 알아보자(HTTP Smuggling attack re-born, +My case)
Today’s content is Korean content for HTTP Desync Attacks. Based on the link below...
onload*(start/end) event handler XSS(Any browser)
Hi hackers.Last time I wrote about onpointer * xss, I write a not well-known even...
onpoint* XSS Payload for bypass blacklist base event-handler xss filter
Hi hackers.I crafted XSS payloads for bypass event handler protection. it is just ...
JSONP Hijacking
Hi hackers. It’s a long time I didn’t write blog post.I found JSONP Hijacking a no...
Event handler for mobile used in XSS (ontouch*)
Some event handlers do not appear in the OWASP list.It is a touch event like ontou...
HTTP Request(ZAP, Burp) Parsing on Ruby code (Method , Headers, etc...)
https://github.com/hahwul/XSpear/issues/10XSpear 관련해서 이런 건의사항이 하나 있었습니다. Burp, ZAP...
Displaying cli base table at ruby application on terminal
I Simply write it (for note). It is easy to develop using terminal-table.How to In...
XSS payload for escaping the string in JavaScript
오늘 오후쯤 신기한 페이로드를 하나 찾아서 메모해뒀다가 글로 작성해봅니다.자바스크립트 내부에 코드가 삽입되었지만 문자열을 탈출할 수 없을 때 사용할...