Vuk IvanovicDisabling js for the win,or how reading the html code w/ care lead to rce through file upload·3 min read·Feb 10, 2023----
Vuk IvanovicPortswigger Lab: JWT authentication bypass via algorithm confusion with no exposed key, a slightly…, or how I learned the importance of RTFM yet again·5 min read·Dec 12, 2022----
Vuk IvanovicFun with TurboIntruder,or, how to get ffuf with a gui while also doing some py coding·4 min read·Nov 3, 2022----
Vuk IvanovicPortswigger Labs, how to get the most out of itor why looking up the solution underneath the lab isn’t cheating, it’s part of learning·5 min read·Aug 22, 2022----
Vuk IvanovicinPredictNo matter how you look at we are living in some type of Matrix, the only question is why are some…Compared to religious view of existence? With the yet another sequel of the Matrix, and everything that has been happening since the first…·4 min read·Aug 21, 2022----
Vuk IvanovicSalesforce bug hunting to Critical bugOr how I learned that some bugs are truly rare·3 min read·Aug 15, 2022--2--2
Vuk IvanovicFFUF-ing RECON, or how to get to P1–P3 from a slightly different recon·3 min read·Jul 17, 2022--2--2
Vuk IvanovicA story of another awesome old school hacking that lead to a cool P1 bugor how Response 200 OK w/ size 0 doesn’t always mean 0·2 min read·Oct 22, 2021----
Vuk IvanovicinPredictA (clever) numpy hack for template matchingor a lousy yet working code as long as the solution is supported·6 min read·Oct 14, 2021----
Vuk IvanovicEasy SSRF using Match and Replace, and a bonus on how to have your burp collaborator/server go…Match and Replace part is present in both paid and free editions of burp, and combined with the below link this should be useful for…·4 min read·Oct 4, 2021----