Tasos Laskos 1 min read
Script your DOM XSS exploitation workflow

Hello all, I wanted to share some Codename SCNR scripting kung-fu with you. This is something you can use post-scan,...

Read more
Tasos Laskos 1 min read
Following the execution: Taint-tracing in the JS environment

In our previous article we discussed data-flow tracing, i.e. following a piece of data as it travels through the JS...

Read more
Tasos Laskos 1 min read
Following the data: Taint-tracing in the JS environment

Frustratingly enough, something fishy is going on with an input you're manually checking but you can't quite put your finger...

Read more
Tasos Laskos 1 min read
Client-side crawl: A DOM state exploration

Say you need to do a manual pentest on a web application with a lot of client-side code, like a...

Read more
Tasos Laskos 2 min read
Extracting input traits to help with manual pentests

So, suppose we're preparing a manual penetration test of a web application; wouldn't it be nice to be able to...

Read more