🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Small tip for the JavaScript reverse engineers out there, Chrome has a `debug()` function which triggers a breakpoint whenever its first argument is called. It even works on built-in methods, no more wrapping stuff in proxies :D debug(DOMParser.prototype.parseFromString)

My new research Escalation of Self-XSS to XSS using modern browser capabilities. blog.slonser.info/posts/make-sel…

Many great techniques covered in this writeup for different cheesy 🧀 strategies and client-side fun. Show them some love! I promise you'll learn something new:

⏰ It's CHALLENGE O'CLOCK! 👉 Capture the flag before Thursday the 26th of June 👉 Win €400 in SWAG prizes 👉 We'll release a tip for every 100 likes on this tweet Thanks ToG for the challenge 👇 challenge-0625.intigriti.io

This is a Public Service Announcement to all client-side challenge authors: *XSS on any localhost origin makes RCE possible on selenium!*

⏰ It's CHALLENGE O'CLOCK! 👉 Pop an alert before Friday the 18th of July 👉 Win €400 in SWAG prizes 👉 We'll release a tip for every 100 likes on this tweet Thanks Jorian for the challenge 👇 challenge-0725.intigriti.io

A tiny blog post of mine about exploiting self-XSS using disk cache— inspired by Jorian Hope you like it! mey-d.github.io/posts/self-xss…

Intigriti Jorian Cool challenge Jorian! Solved with DrBrix

Not many solves yet, this hint should get you somewhere. Good luck on the final stretch!

I made a hard one 😅 But, it involves some very interesting Mutation XSS & DOM Clobbering fun combined with a CSP Bypass using the powerful SocketIO gadget. Everything's explained in my writeup below! jorianwoltjer.com/blog/p/ctf/int…