↓ Skip to main content

XSS

From Self-XSS to PII leakage via WAF bypass, CSRF login and window.opener abuse

19 March 2026·2310 words·11 mins

A CTF-Style XSS Chain in the Wild: DOM Clobbering, Gadgets, and CSP Bypass

30 January 2026·1365 words·7 mins

Intigriti's August 2024 (Defcon) Challenge

10 August 2024·1992 words·10 mins

SekaiCTF 2023: Golf Jail (Web)

28 August 2023·1508 words·8 mins

How I met JavaScript Reflect (thanks to playing CTF)

30 May 2023·1346 words·7 mins