Submissions by cujanovic

SSRF (Server Side Request Forgery) Testing Resources

Open Redirect Payloads

SSRF Testing resources – tools and links to help you test for SSRF in web apps

How I Hacked My Smart TV from My Bed via a Command Injection

CVE-2016-8610 (SSL Death Alert) PoC

The State of Wordpress Security

Backslash Powered Scanning: Hunting Unknown Vulnerability Classes

Linux containers in 500 lines of code

CSRF protection bypass on any Django powered site via Google Analytics

How I gained access to TMobile’s national network for free

Nginx resolver vulnerabilities allow cache poisoning attack

How I Could Have Hacked Multiple Facebook Accounts

Vulnerability in the Linux kernel's tcp stack implementation

The Imperva HTTP/2 Vulnerability Report and NGINX

How to steal any developer's local database

HTTP/2: Faster and better than HTTP 1.1, but is it more secure? [pdf]

Mr Robot S02E01 easter egg

Firefox – Same-Origin Policy Bypass (CVE-2015-7188)

Debian Exim Spool Local Root

Auditing CSP Headers with Burp and ZAP

XSS and WordPress – The Aftermath

Nginx: Supporting HTTP/2 for Google Chrome Users

Integer Overflow in php_html_entities()

Mr. Robot Blind SQL Injection Vulnerability

Jenkins Security Advisory 2016-05-11

WordPress 4.5.1 XSS

Hogwatch – a bandwidth monitor that shows per process network transfer