Vuk Ivanovic in InfoSec Write-ups: Disabling js for the win, or how reading the html code w/ care lead to rce through file upload (Feb 10, 2023)
Vuk Ivanovic in InfoSec Write-ups: Portswigger Lab: JWT authentication bypass via algorithm confusion with no exposed key, a slightly…, or how I learned the importance of RTFM yet again (Dec 12, 2022)
Vuk Ivanovic in InfoSec Write-ups: Fun with TurboIntruder, or, how to get ffuf with a gui while also doing some py coding (Nov 3, 2022)
Vuk Ivanovic in InfoSec Write-ups: Portswigger Labs, how to get the most out of it, or why looking up the solution underneath the lab isn’t cheating, it’s part of learning (Aug 22, 2022)
Vuk Ivanovic in Predict: No matter how you look at we are living in some type of Matrix, the only question is why are some… Compared to religious view of existence? With the yet another sequel of the Matrix, and everything that has been happening since the first… (Aug 21, 2022)
Vuk Ivanovic in InfoSec Write-ups: Salesforce bug hunting to Critical bug, Or how I learned that some bugs are truly rare (Aug 15, 2022)
Vuk Ivanovic in InfoSec Write-ups: FFUF-ing RECON, or how to get to P1–P3 from a slightly different recon (Jul 17, 2022)
Vuk Ivanovic in InfoSec Write-ups: A story of another awesome old school hacking that lead to a cool P1 bug, or how Response 200 OK w/ size 0 doesn’t always mean 0 (Oct 22, 2021)
Vuk Ivanovic in Predict: A (clever) numpy hack for template matching, or a lousy yet working code as long as the solution is supported (Oct 14, 2021)
Vuk Ivanovic in InfoSec Write-ups: Easy SSRF using Match and Replace, and a bonus on how to have your burp collaborator/server go… Match and Replace part is present in both paid and free editions of burp, and combined with the below link this should be useful for… (Oct 4, 2021)