The Eternal Dichotomy: Cookies vs JWTs (Jan 14, 2024)
Design considerations for state maintenance will have security consequences.

Canvas of Intrigue: A `Refreshing` Approach to Session Token Exfiltration with XSS (Sep 30, 2023)
A story of infiltration transcending security layers with a novel approach.

Cookie Conundrum: Why the Root Path Isn't Always Right (Sep 23, 2023)
Subdirectory hosting, also known as subfolder hosting, is a web hosting approach where multiple web applications are hosted under a single…

Templating the Unthinkable: From Injection to Remote Control (Aug 9, 2023)
A tale of Server-Side Template Injection leading to Remote Code Execution.

Decoding a known vulnerability in jquery-ui (CVE-2022-31160) (Jul 2, 2023)
Often these days, web applications are built with fragile architectures which depend on various open source dependencies directly or…

Cross-Site Scripting on a Text Editor (Apr 4, 2023)
Cross-site scripting is among the most pervasive vulnerabilities in web applications. There are many approaches and contexts to achieve this…

Comprehensive guide on SAML Authentication attacks (Feb 12, 2023)
Security Assertion Markup Language (SAML)

DNS Rebinding attack (Feb 8, 2023)
DNS Rebinding is a method of bypassing the Same-Origin Policy by manipulating DNS resolution.