DOMLogger++ v1.0.9 is now out and available! 🎉 This update fixes a lot of issues, including the historical DevTools bug on Chromium 🔥 It also brings full Caido session handling, which is going to be useful in the near future! 👀 👉 github.com/kevin-mizu/dom… 1/2

Using a CSPT to exploit a seemingly unexploitable cache deception, really cool stuff! Check the full episode here: youtu.be/sTG-OX5BbBc?si…

It's out!! You can now watch Daniel Jurado's and Niemand talk: "Prompt. Scan. Exploit - Ai's Journey Through Zero-Days, and a Thousand Bugs". Learn more about XBOW and autonomous hacking. You can watch it in our Youtube channel exclusively: youtu.be/y_aQQmDMaY4. Enjoy!

Unicode whitespace normalization + HTTP Param/Cookie Pollution = pwnage

I’m with Dave Kennedy This is my daughter. She is amazing. Life is about this. God is real. ✝️

HTTP Request Smuggler v3.0.1 is now live! This fixes a false positive in the CL.0 scan caused by pipelining - thanks to sw33tLie for the report. Note that the new parser discrepancy scan still has superior accuracy. For more info on pipelining check out portswigger.net/research/how-t…

Enroll now in BSides Northern Virginia's Hacker U: Where Curiosity Becomes Capability! The sleek and modern GMU - Mason Campus in Arlington will be our quad for the day. Don't miss it! Workshops: Fri, October 10th Conference: Sat, October 11th Register: eventbrite.com/e/bsidesnova-2…

Should Programs Let Us Hack Without WAFs? > Full episode: youtu.be/rr5VvMx4dT0

Angel Hacker and I are excited to be presenting BSidesNoVA!

"WAFs live in a sources world, bug hunters live in a sinks world" > Full episode: youtu.be/rr5VvMx4dT0

Our #BSidesNoVA schedule is live! Hacker U: Where Curiosity Becomes Capability Workshops Fri Oct 10th Conference Sat Oct 11th Arlington, Virginia bsidesnova-2025.sessionize.com/schedule

Mason CEC George Mason News Proud to have represented George Mason University over the summer, when I co-presented at Black Hat, a premier security industry conference. #MasonNation

A brief but insightful version of Ryan Barnett (B0N3) and Angel Hacker's presentation, packed with great knowledge I missed at DEF CON! youtu.be/-b1sIZhOZbk

Mason CEC George Mason News I’m thrilled as a George Mason University student that I have the honor of co-presenting at BSidesNoVA on Mason’s campus! #MasonNation

Cross-Site Scripting (XSS) has been a known vulnerability class for two decades, yet it continues to surface in modern applications, including those built with the latest frameworks and cloud-native architectures. At Microsoft, we’ve triaged nearly 1,000 XSS cases since January

Ryan's "Self Inflicted" XSS

WAFs vs. Payloads, the Never Ending Battle!

Black Hat has posted my full keynote from Black Hat USA 2025. What an amazing stage, and 12,000 people in the audience. Thank You. Here's the video. youtube.com/watch?v=H14EhT…

We're looking for some real heroes to volunteer for #BSidesNoVA - Friday, October 10th and/or Saturday, October 11th at George Mason University Arlington, VA campus. docs.google.com/forms/d/e/1FAI…

Sneakers (1992) That time Robert Redford predicted the future and outsmarted Elon Musk. We've lost a true movie Legend today.