Respect XSS

Wednesday, June 14, 2017

A Look at CVE-2017-8514 --- SharePoint's `Follow` Feature XSS

TL;DR: All your SharePoint installations are belong to us. The XSS (worth $2500) affecting both on-premises and online version looks lik...

Sunday, April 17, 2016

Gone in Few Hours: Infooby's Fake or Questionable Bug Bounty Program

Bug bounty programs are great in many folds: learning perspective, monetary benefits for bug hunters and a step towards safe and secure we...

Wednesday, April 6, 2016

Pairing Single Quotes

During pentest, I came across an interesting and unusual case where developers're trying to escape a single quote ( ' ) via a sing...

Sunday, February 28, 2016

Stored, Reflected and DOM XSS in Google for Work Connect (GWC)

Google for Work Connect ( GWC ) is "a community for system/application administrators and partners". GWC is in scope for Google ...

Sunday, February 14, 2016

Keep An Eye On $.html, $.get and $.ajax Functions

The $.html(), $.get() and $.ajax() are potential XSS venues. Some of you're already aware of this but lets see real life examples ...

Sunday, February 7, 2016

Find The Root Cause

This time instead of publishing a new blog post, I present two real life XSS example cases from the wild. I already XSSed both cases for y...

Sunday, January 31, 2016

The Magic of Connecting The Dots

Macy's ( http://www.macys.com/ ) calls itself "the magic of macy's" (at least the word magic is mentioned on their main ...

View web version

Powered by Blogger.