Amin Nasiri
@aminnasiri.com
Fan of reading RFCs and interested in playing with different versions of HTTP and web-related protocols & also inductive reasoning; a Hitchhiker when I am AFK;

https://aminnasiri.com
https://github.com/nxenon
Reposted by Amin Nasiri
Extended the starter with shy writers! 😀 If you're not on the list but write about web security, then feel free to reply with the article you're most proud of, and I will add you to the pack!

Make sure to resubscribe to not miss out on the amazing 🌐research!

go.bsky.app/9JXnB17
December 10, 2024 at 10:29 PM
Reposted by Amin Nasiri
Learn how to conceal payloads in URL credentials and abuse them for DOM XSS and DOM Clobbering, in this post from @garethheyes.co.uk
portswigger.net/research/con...
Concealing payloads in URL credentials
Last year Johan Carlsson discovered you could conceal payloads inside the credentials part of the URL. This was fascinating to me especially because the payload is not actually visible in the URL in
portswigger.net
October 25, 2024 at 7:32 AM