the world. according to koto
Tuesday, June 28, 2016
Reflections on trusting CSP
Tldr; new changes in CSP sweep a huge number of the vulns, yet they enable new bypasses. Internet lives on, ignoring CSP. Let’s talk abou...
Thursday, July 31, 2014
JS crypto goto fail?
Saturday, March 22, 2014
When you don't have 0days. Client-side exploitation for the masses
Yesterday me and @antisnatchor gave a talk at Insomni'hack entitled "When you don't have 0days. Client-side exploitation fo...
Monday, January 13, 2014
XSSing with Shakespeare: Name-calling easyXDM
tl;dr: window.name, DOM XSS & abusing Objects used as containers. What's in a name? "What's in a name? That which we...
Friday, December 27, 2013
Rapportive XSSes Gmail or have yourself a merry little botnet...
tldr: Learn how to code audit Handlebars applications. XSS in extension = fun times. Mosquito gets new features. It's that magic...
Monday, December 16, 2013
Breaking Google AppEngine webapp2 applications with a single hash
What's this, you think? 07667c4d55d8d81a0f0ac47b2edba75cb948d3a2$sha1$1FsWaTxdaa5i It's easy to tell that this is a salted p...
Tuesday, October 15, 2013
Exploiting EasyXDM part 2: & considered harmful
tldr: URL parsing is hard, always encode stuff and Safari has some interesting properties... This is a second post describing easyXDM v...