DOM-based Cross-site scripting (XSS) vulnerabilities rank as one of my favourite vulnerabilities to exploit. It’s a bit like solving a puzzle; sometimes you get a corner piece like $.html(), other ...

Meg is the tool for efficiently and securely enumeration endpoints on your targets! The post Meg – Hacker Tools: Endpoint scan the masses! 👩‍💻 appeared first on Intigriti.

EyeWitness is an incredibly tool that allows you to quickly get a feel for what assets to target first. We all know hundreds of content discovery tools that give us vast amounts of data, but do we ...

Update: nominations are now closed, but voting is live! Cast your vote here. Nominations are now open for the top 10 new web hacking techniques of 2021! Every year security researchers share their ...

Wishing you and your loved ones a very happy new year!

Ad blockers like uBlock Origin are extremely popular, and typically have access to every page a user visits. Behind the scenes, they’re powered by community-provided filter lists - CSS selectors that

From 29 October to 14 November 2021, the Centre for Strategic Infocomm Technologies (CSIT) ran The InfoSecurity Challenge (TISC), an individual competition consisting of 10 levels that tested parti...

As a bug bounty hunter, you need to get a good view of all the pages and endpoints your targets host. Manually enumerating these can become labour intensive, boring and on top of that, is prone to ...

By searching for DBF-related vulnerabilities in Microsoft’s desktop database engines, I took one step towards the deep end of the fuzzing pool. I could no longer rely on source code review and dumb...

Recently I’ve been interested in 3D CSS and I wanted to learn more about it. I was inspired by Amit Sheen’s CodePen’s and decided to build my own 3D world. This was a great learning experience beca...