Bug hunting is a mix of technical skills, persistence, and curiosity. Sometimes, the simplest bugs are overlooked because of one thing —…

Hi Readers!
I hope you all are doing well,
In this post, I want to discuss a specific type of vulnerability I've encountered: Server-Side Template Injection (SSTI) in Freemarker that can lead to Remote Code Execution (RCE). This vulnerability is part...

Learn how small errors in OAuth implementation can lead to significant security vulnerabilities like one-click account takeover in web applications

Combining response-type switching, invalid state and redirect-uri quirks using OAuth, with third-party javanoscript-inclusions has multiple vulnerable scenarios where authorization codes or tokens could leak to an attacker. This could be used in attacks for…

SQL injections without tables?

The following is a writeup for some Android specific chromium behaviors.

oauth-labs: an intentionally vulnerable set of OAuth 2.0 labs for security training and learning - cyllective/oauth-labs

iOS and macOS Decompiler. Contribute to LaurieWired/Malimite development by creating an account on GitHub.

Table of Contents

JP (Translated by ChatGPT) In this article, I'll explain the intended solution for the "Tanuki Udon" challenge presented in SECCON CTF 13. TL;DR An XS-Leaks att…

Cross-Site Scripting (XSS) is often considered a beautiful attack due to its elegance and effectiveness in exploiting vulnerabilities…

This blog post covers DOMPurify 3.2.1 Bypass, explaining a specific mutation technique