Published inInfoSec Write-upsBrave Browser Script Blocker Bypass VulnerabilityIn this write-up, I want to share a vulnerability in Brave browser that I discovered a few days ago. Brave browser is an open-source…Oct 13, 2018Oct 13, 2018
Published inInfoSec Write-upsHSTS Bypass Vulnerability in IE PreviewThis is a write-up of an old vulnerability in Internet Explorer preview that I discovered in 2015. It is a partial HSTS bypass…May 15, 2018May 15, 2018
Published inInfoSec Write-upsLet’s Figure out how Notepad Supports Unix Line Endings (Part II)This article continues the discussion on how Notepad supports Unix and Macintosh line endings. In Part I, we have discovered how…May 13, 2018May 13, 2018
Published inInfoSec Write-upsLet’s Figure out how Notepad Supports Unix Line Endings (Part I)Microsoft recently announced that Notepad will support Unix and Mac line endings, starting with the current Windows 10 Insider Preview…May 11, 2018May 11, 2018
Published inInfoSec Write-upsFind Edge’s HSTS Preload List (Part I)In this article, I will discuss how I find out the HSTS preload list of Edge browser. This is not a vulnerability in Edge. I hope you still…Apr 20, 2018Apr 20, 2018
Published inInfoSec Write-upsBypass CSP by Abusing XSS Filter in EdgeIn this article, I will share a Content Security Policy (CSP) bypass vulnerability in Microsoft Edge, which I discovered in December 2016…Apr 15, 20181Apr 15, 20181
