Security engineer, Bugbounty hunter, Developer and... H4cker

pet and hack-pet. managing command snippets for security testing

Hi, hackers and bugbounty hunters :DToday, I'd like to talk about how to easily ma...

One custom certificate, Using all tools and your devices (for bug bounty/pentesting)

I use both Burp pro/ZAP/Cli base proxy. When it comes to simply testing the web, i...

Bypassing string base XSS protection with Optional chaining

Hi hackers and bugbounty hunters :D Today, I share very very very simple tip ...

E-mail 포맷을 이용한 여러가지 Exploiting 기법들 (You've got email pwned korean review)

Recently, the nahamcon2020 was in over. I difficult to watching it in my time zone...

Setup bugbounty hunting env on termux :D

The termux in my memory was Linux on Android, which was only available with some L...

golang 어플리케이션 self update 적용하기(github latest version 기반)

메모 차원에서 작성합니다. dalfox 1.1 버전대 업데이트에서 큰 부분 중 하나가 self-update입니다. 이전에 xspear, a2sv 등...

Vulnerability of postMessage and postMesasge-tracker browser extension

Hi hackers and bugbounty hunter!Recently, @frans released a browser extension call...

Find reflected parameter on ZAP and Easy testing reflected XSS!

Hi hacker and bugbounty hunters.Starting this year, I made web hacking tools colle...

How to use DalFox's Fun Options (if found notify , custom grepping)

As you can see from my blog and tweet, I recently full-change(new project...) my X...