←
Home
Archive
Tags
About
Subscribe
Spaceraccoon's Blog
InfoSec and White Hat Hacking
2022
Dec 17
I Hope This Sticks: Analyzing ClipboardEvent Listeners for Stored XSS
web
code review
Sep 19
Challendar: Creating a Challenge for The Infosecurity Challenge 2022
dev
web
code review
Aug 29
Exploiting Improper Validation of Amazon Simple Notification Service SigningCertUrl
cloud
web
code review
Aug 18
You Have One New Appwntment: Exploiting iCalendar Properties in Enterprise Applications
desktop
red team
web
ios
android
Feb 3
Solving DOM XSS Puzzles
web
code review
2021
Nov 26
The InfoSecurity Challenge 2021 Full Writeup: Battle Royale for $30k
desktop
binary
reverse engineering
dev
code review
web
android
api
red team
2020
Dec 23
Supply Chain Pollution: Hunting a 16 Million Download/Week npm Package Vulnerability for a CTF Challenge
web
code review
May 15
Closing the Loop: Practical Attacks and Defences for GraphQL APIs
web
api
Apr 5
Same Same But Different: Discovering SQL Injections Incrementally with Isomorphic SQL Statements
web
Feb 18
A Tale of Two Formats: Exploiting Insecure XML and ZIP File Parsers to Create a Web Shell
web
Jan 12
Remote Code Execution in Three Acts: Chaining Exposed Actuators and H2 Database Aliases in Spring Boot 2
web
