Bypassing XSS filters
Published:
In this post, I am describing some payloads which I used to bypass two distinct XSS filter implementations (such as Web Application Firewalls (WAF)) as well as the approach to design them.
Published:
In this post, I am describing some payloads which I used to bypass two distinct XSS filter implementations (such as Web Application Firewalls (WAF)) as well as the approach to design them.
Published:
A sequence diagram for WebSub.
Published:
An interesting note from the FBI.
Published:
Some diagrams (mostly sequence diagrams) about UMA 2.0.
Published:
Some notes on X3DH (Extended Triple Diffie-Hellman).
“Welcome to the Warp Zone!”
Published:
This post is an overview of the different tunneling options available in OpenSSH. This is inteded as a reference to use when I am explaining (every so often) how to use SSH for tunneling.
Layers all the way down
Published:
A collection of ASCII-art protocol stack diagrams.
ニャーニャー
Published:
In Debian kitty
package, the kitty-open.desktop
file would associate kitty +open
with several MIME types. This could be used to arbitrary trigger code execution by serving a file with such a MIME type.
This has been introduced in kitty in 73a197fcd (2022-02-06) released as part of v0.24.3. This has been fixed in v0.26.5-5 of the Debian kitty package. Fixed upstream in 537cabca7 released in v0.29.0. Other distributions such as Ubuntu Lunar are still impacted.
Published:
Some tools and other notes when you just want to analyze your structured log files locally using simple tools with a focus for newline-delimited JSON (NDJSON) / JSON lines / JSON Text Sequences.
Published:
A simple way to display image in a terminal using the iTerm2 image protocol. This is supported by iTerm2, WezTerm, recent versions of Konsole.
Page 1 of 10 | Previous page | Next page | JSON Feed | Atom Feed