Stored XSS in My Flow To RCE in Opera Browser #2
RCE vulnerability inside Opera browser by using an XSS bug on MyFlow feature
1d ago

Reflected XSS In Main Search, WAF+Sanitizer Bypass Using 2 Reflections
Hey, I just found a reflected XSS in main site search, I used many techniques and bypasses to get the full XSS, you will like it and might…
Feb 121

Client Side Path Traversal (CSPT) Bug Bounty Reports and Techniques
Over the past year, CSPT bugs have gained significant attention, with numerous blogs and disclosed reports highlighting their impact…
Jan 242

Arc Browser UXSS, Local File Read, Arbitrary File Creation and Path Traversal to RCE
Story of how a malicious legacy boost in Arc browser can be exploited to get UXSS, LFI and RCE in targeted machine by clicking install
Nov 13, 2024

You Are Not Where You Think You Are, Opera Browsers Address Bar Spoofing Vulnerabilities
Address bar is one of the main components of browser security and in this blog I show many bugs affecting Opera browsers to spoof address…
Oct 24, 2023

Opera Browser VPN Bypass
While looking at Opera functionalities I stumbled upon the built-in VPN inside the browser and I was able to find a technique that allows an…
Sep 22, 2022

The Underrated Bugs, Clickjacking, CSS Injection, Drag-Drop XSS, Cookie Bomb, Login+Logout CSRF…
Story of 3 bug bounty writeups in which I use low bugs and chain them together for higher impact.
May 10, 2022

Facebook Messenger Desktop App Arbitrary File Read
I’m a daily user of Facebook Messenger on Mobile and Web, someday I got a banner in my Web version saying that Messenger is available on…
Feb 3, 2021

Copy Drag — Paste Drop
Small write-up about drag and drop & copy and paste XSS’s using new browser techniques
Jul 4, 2020

Bypass SameSite Cookies Default to Lax and get CSRF
SameSite=Lax Cookies by Default is a new browser feature; we will look at how to bypass it and what the security concerns with it are.
Jan 8, 2020