Frequent verification codes may appear for non-Mainland China IP visits. If visitors are severely affected, please send [IP|ASN](18.232.127.73|AS14618) to the bottom mailbox to add to the whitelist

文章列表

yday 15:20   Talking XSS to http://chat.openai.com by @rbidou    #[email protected] #安全文章 Talking XSS to chat.openai.comby @rbidou

yday 12:22   A Safari one, by @garethheyes [1,2,3].with(0,alert).shift()(1)    #[email protected] #安全文章 A Safari one, by @garethheyes [1,2,3].with(0,alert).shift()(1)

dby 16:08   XSS to RCE payload example on http://lab.flipper.net by @caioluders https://github.com/caioluders/pocs/blob/main/flipper_rce_xss.js Nice !    #[email protected] #安全文章 XSS to RCE payload example on lab.flipper.net by @caioludersgithub.com/caioluders/pocs/b…Nice !

2022-12-05 11:19   November XSS challenge by @intigriti: writeup video from @H4R3L solution https://www.youtube.com/watch?v=nY7HT1lNHwQ    #[email protected] #安全文章 November XSS challenge by @intigriti: writeup video from @H4R3L solutionpiped.video/watch?v=nY7HT1lN…

2022-11-30 12:05   Finding superhuman XSS polyglot payloads with genetic algorithms, not new, but still a reference! by @3asm_ https://bit.ly/3najfr3    #[email protected] #安全文章 Finding superhuman XSS polyglot payloads with genetic algorithms, not new, but still a reference! by @3asm_ bit.ly/3najfr3

2022-11-30 11:56   Hijacking service workers via DOM clobbering, a nice way to escalate XSS by @garethheyes https://bit.ly/3H0PIMb    #[email protected] #安全文章 Hijacking service workers via DOM clobbering, a nice way to escalate XSS by @garethheyes bit.ly/3H0PIMb

2022-11-29 13:00   Idiosyncrasies of the HTML parser, that is a useful one... https://bit.ly/3VgBGKK    #[email protected] #安全文章 Idiosyncrasies of the HTML parser, that is a useful one...bit.ly/3VgBGKK

2022-11-29 12:53   November XSS challenge by @intigriti https://challenge-1122.intigriti.io/ Enjoy !    #[email protected] #安全文章 November XSS challenge by @intigriti challenge-1122.intigriti.io/Enjoy !

2022-11-18 15:02   Client-side prototype pollution, (almost) everything you need to know is there. By @PortSwigger https://bit.ly/3V8Unja    #[email protected] #安全文章 Client-side prototype pollution, (almost) everything you need to know is there. By @PortSwigger bit.ly/3V8Unja

2022-11-17 11:27   Chromium: Same Origin Policy bypass within a single site a.k.a. "Google Roulette", great finding by @SecurityMB ! https://www.bentkowski.info/2022/11/google-roulette/    #[email protected] #安全文章 Chromium: Same Origin Policy bypass within a single site a.k.a. "Google Roulette", great finding by @SecurityMB !bentkowski.info/2022/11/goog…

2022-11-07 15:43   Case of admin bypass for RCE, XSS and information disclosure, a good article by @caffeinevulns https://bit.ly/3t5F7HJ    #[email protected] #安全文章 Case of admin bypass for RCE, XSS and information disclosure, a good article by @caffeinevulns bit.ly/3t5F7HJ

2022-10-26 10:01   Chaining multiple vulnerabilities for credentials stealing, a good article by @_bergee_ https://bit.ly/3D7PhMw    #[email protected] #安全文章 Chaining multiple vulnerabilities for credentials stealing, a good article by @_bergee_ bit.ly/3D7PhMw

2022-10-25 10:15   Solution of the @intigriti October XSS challenge, by the author @0xGodson_ https://bit.ly/3snWAuy That was a really tough one !    #[email protected] #安全文章 Solution of the @intigriti October XSS challenge, by the author @0xGodson_bit.ly/3snWAuyThat was a really tough one !

2022-10-18 15:14   October XSS challenge by @intigriti https://challenge-1022.intigriti.io/    #[email protected] #安全文章 October XSS challenge by @intigriti challenge-1022.intigriti.io/

2022-10-17 10:34   Mimesweeper payload... by @KilledByAPixel for(d=http://Date.now(i=512),o='<code>';i--;o+=i%32?`<b onclick=innerText='${n>8?'X':n||'.'}'>#</b>`:`<p>`)for(n=j=0;j<9;n+=k%32&k>64&k<514&T(k*k^d)>2?j-5?1:9:0)k=i+j%3+(j++/3<<5)+1 c.outerHTML=o https://www.dwitter.net/d/26299    #[email protected] #安全文章 Mimesweeper payload... by @KilledByAPixel for(d=Date.now(i=512),o='&lt;code&gt;';i--;o+=i%32?`&lt;b onclick=innerText='${n&gt;8?'X':n||'.'}'&gt;#&lt;/b&gt;`:`&lt;p&gt;`)for(n=j=0;j&lt;9;n+=k%32&amp;k&gt;64&amp;k&lt;514&amp;T(k*k^d)&gt;2?j-5?1:9:0)k=i+j%3+(j++/3&lt;&lt;5)+1c.outerHTML=odwitter.net/d/

By QianX.in