Tuesday, March 19, 2019

[🌐💧💥] HTTP Cache Cross-Site Leaks

In this blog post I want to talk about a cool type of attacks ( XSLeaks ) that are cooler than what most developers and security researchers...
Thursday, December 28, 2017

The optimal way of rewarding duplicates (and why it sucks anyway)

Disclaimer : As it's the case for all blog posts, this is a personal blog post, and I'm not talking on behalf of my employer! This ...
Saturday, February 11, 2017

Vulnerability disclosure in an era of vulnerability rewards

Note : This (and every post in this blog) is a personal blog post which expresses my personal opinion, and doesn't necessarily have to b...
Wednesday, February 08, 2017

🤷 Unpatched (0day) jQuery Mobile XSS

TL;DR - Any website that uses jQuery Mobile and has an open redirect is now vulnerable to XSS - and there's nothing you can do about it...
Wednesday, January 25, 2017

Fighting XSS with 🛡 Isolated Scripts

TL;DR : Here's a proposal for a new way to fight Cross-Site Scripting vulnerabilities called  Isolated Scripts . You have an open-source...
Monday, January 23, 2017

Measuring web security mitigations

Summary : This past weekend I spent some time implementing a prototype for a web security mitigation, and I also spent some time thinking w...
Tuesday, December 27, 2016

How to bypass CSP nonces with DOM XSS 🎅

TL;DR  - CSP nonces aren't as effective as they seem to be against DOM XSS. You can bypass them in several ways. We don't know how ...