- Intigriti XSS Challenge – July 2024July 18, 2024
- tl;dr – How to Exploit “Cross-Origin Resource Sharing: Arbitrary Origin Trusted”August 22, 2023
- Understanding Client-Side Prototype PollutionJuly 1, 2023
- Unicode for Pentesters and Security EngineersMay 6, 2022
- Intigriti XSS Challenge – May 2021June 8, 2021
- Todoist Stored Cross Site ScriptingNovember 26, 2020
- Patch Diffing and Exploiting CVE-2020-13379September 18, 2020
- Streamlining Web Application Testing with Firefox ContainersJune 19, 2020
- Nginx Alias TraversalJune 11, 2020
- Obscuring IP addresses & URLsJune 4, 2020
- Bypassing CloudflareApril 10, 2020