Circumventing CSP Restrictions to Exfil Data from an XSS Foothold
Exfiltrate sensitive data from XSS contexts via Cross-Document Messaging
Andres Rauschecker
iOS DNS Adblocking while on Cellular
Configuring a loopback VPN interface that uses AdGuard DNS blocking for cellular connections
SQL Injection Without Spaces Using Brackets
A new bypass technique that can be used when spaces are not accepted in an SQL injection payload
Burp Suite Dynamic Scope Template for Pentesters
Setting up a custom Burp template that can act as a daily driver template with proper scope control and traffic filtering