Latest Posts

PHP object Injection via Cookie unserialize() - Nuit du hack CTF Web 100 writeup
Reading local files with PHP object Injection via Cookie unserialize() (Nuit du Hack 2016 web 10 writeup)
Markdown based Stored XSS in Zendesk !
How markdown can help in triggering XSS ?
How I got a shell on Google Acquisition ?
Getting a shell on Google Acquisition.
SSRF vulnerability on Google's Feedburner
SSRF bug in Google's feedburner.
Slaying the Dragon - CSAW 2015 REV 500 writeup
Writeup for 500 point reversing challenge wyvern