Published inInfoSec Write-upsBypassing WAF to Weaponize a Stored XSSWhile testing a bug bounty program, I’ve noticed my <u>html injection</u> payload worked while spraying it to every field that is reflected…May 17, 20223May 17, 20223
Published inInfoSec Write-upsMultiple HTTP Redirects to Bypass SSRF ProtectionsAlways try more than one HTTP 302 redirects when testing for SSRFJan 29, 20221Jan 29, 20221
