Posts

Clone2Leak: Your Git Credentials Belong To Us

Non-Intrusive Web Recon: Techniques from Chrome DevTools Recorder

Compromising OpenWrt Supply Chain via Truncated SHA-256 Collision and Command Injection

Beyond the Limit: Expanding single-packet race condition with a first sequence sync for breaking the 65,535 byte limit

BatBadBut: You can't securely execute commands on Windows

Bypassing DOMPurify with good old XML