2022-06-28 11:40   And here is the @intigriti June challenge write-up by @B1udg3r https://bit.ly/3QSpbU0    #[email protected] #安全文章 And here is the @intigriti June challenge write-up by @B1udg3r bit.ly/3QSpbU0

2022-06-24 12:52   Finding & Fixing DOM-based XSS. A very good overview presentation by @freddyb at @enterjsconf https://bit.ly/3OiS2iB    #[email protected] #安全文章 Finding & Fixing DOM-based XSS. A very good overview presentation by @freddyb at @enterjsconf bit.ly/3OiS2iB

2022-06-21 10:36   New challenge by @intigriti https://challenge-0622.intigriti.io/    #[email protected] #安全文章 New challenge by @intigriti challenge-0622.intigriti.io/

2022-06-20 15:44   The importance of white-box testing: a dive into CVE-2022-21662, a good paper by Adeeb Shah from @Trustwave https://bit.ly/3N6kjY3    #[email protected] #安全文章 The importance of white-box testing: a dive into CVE-2022-21662, a good paper by Adeeb Shah from @Trustwavebit.ly/3N6kjY3

2022-06-14 22:44   Bypassing CSP with dangling iframes, great finding by @garethheyes https://bit.ly/3tyDumk    #[email protected] #安全文章 Bypassing CSP with dangling iframes, great finding by @garethheyes bit.ly/3tyDumk

2022-06-13 12:12   Tips to find stored XSS, a good article by @bigb0ss___ https://bit.ly/3Hghn9Y    #[email protected] #安全文章 Tips to find stored XSS, a good article by @bigb0ss___bit.ly/3Hghn9Y

2022-06-10 11:31   XSS Vulnerability Scenarios, a set of challenges by @MoeinFatehi https://bit.ly/3MI7oeK    #[email protected] #安全文章 XSS Vulnerability Scenarios, a set of challenges by @MoeinFatehi bit.ly/3MI7oeK

2022-06-03 13:07   The underrated bugs, a great article (not only XSS focused but still...) by @RenwaX23. https://bit.ly/3tdQb5T    #[email protected] #安全文章 The underrated bugs, a great article (not only XSS focused but still...) by @RenwaX23.bit.ly/3tdQb5T

2022-05-30 20:58   R to @XssPayloads: Useful comment from @h43z : "For this to work you gotta throw it up ?" throw Uncaught=onerror=eval, e=Error`*/;alert\x281\x29`,http://e.name='/*',e    #[email protected] #安全文章 Useful comment from @h43z :"For this to work you gotta throw it up ?"throw Uncaught=onerror=eval, e=Error`*/;alert\x281\x29`,e.name='/*',e

2022-05-30 13:44   New challenge by @intigriti https://challenge-0522.intigriti.io/    #[email protected] #安全文章 New challenge by @intigriti challenge-0522.intigriti.io/

2022-05-30 12:53   A weird on for FF and Chrome by @h43z, quoting @RenwaX23 Uncaught=onerror=eval,e=Error`*/;alert\x281\x29`,http://e.name='/*',e    #[email protected] #安全文章 A weird on for FF and Chrome by @h43z, quoting @RenwaX23 Uncaught=onerror=eval,e=Error`*/;alert\x281\x29`,e.name='/*',e

2022-05-19 15:13   Bypassing WAF to weaponize a stored XSS, nice article by ne555 https://bit.ly/39x9JLF    #[email protected] #安全文章 Bypassing WAF to weaponize a stored XSS, nice article by ne555bit.ly/39x9JLF

2022-05-19 14:56   A nice collection of postMessage() vulnerabilities articles, provided by @Alra3ees    #[email protected] #安全文章 A nice collection of postMessage() vulnerabilities articles, provided by @Alra3eestwitter.com/Alra3ees/status/1527029184517885954#m

2022-05-18 13:15   S'more from @garethheyes <svg onload=http://evt.target.ownerDocument.defaultView.alert(1337)>    #[email protected] #安全文章 S'more from @garethheyes &lt;svg onload=evt.target.ownerDocument.defaultView.alert(1337)&gt;

2022-05-18 13:12   Another nice one by @garethheyes <svg><animate onbegin=evt.path.pop().alert(1) attributeName=x dur=1s>    #[email protected] #安全文章 Another nice one by @garethheyes &lt;svg&gt;&lt;animate onbegin=evt.path.pop().alert(1) attributeName=x dur=1s&gt;