Bypassing Quotes Filters: String.fromCharCode() to the Rescue
XSS Series - Part 6December 20, 2025
Learn how String.fromCharCode() can bypass filters that remove quotes, and why filtering specific characters isn't enough for XSS protection
December 2025
Building llmsh: Natural Language Commands for the Terminal
December 19, 2025
How I built a zsh plugin that transforms natural language into shell commands using Ollama and fzf, making terminal workflows faster and more intuitive
Bypassing Parentheses Filters: Template Literals to the Rescue
XSS Series - Part 5December 19, 2025
Learn how JavaScript template literals can bypass filters that remove parentheses, and why filtering specific characters isn't enough for XSS protection
Bypassing Filters with JSFuck: When Character Restrictions Aren't Enough
XSS Series - Part 4December 18, 2025
Learn how JSFuck can bypass filters that remove alphanumeric characters, and why simple character filtering is insufficient for XSS protection
Persistent XSS Through APIs: A Practical Analysis
XSS Series - Part 3December 17, 2025
Exploring how persistent XSS vulnerabilities can be exploited through API endpoints and how to prevent them
Learning XSS Through Practice: Baby Challenge Walkthrough
XSS Series - Part 2December 16, 2025
A beginner-friendly walkthrough of three XSS challenges that teach you exactly what Cross-Site Scripting is and how it works through hands-on practice
Understanding XSS: Cross-Site Scripting Basics
XSS Series - Part 1December 15, 2025
A comprehensive introduction to Cross-Site Scripting (XSS) attacks, covering types, techniques, and defense strategies
November 2025
Route Discovery in SPAs: Security Testing with Headless Browsers
November 28, 2025
Building a custom tool for discovering hidden routes in Single Page Applications using headless browser automation
Understanding Brute Force Attacks: From Theory to Practice
November 10, 2025
A practical guide to brute force attacks, demonstrating exploitation techniques and mitigation strategies using OWASP Juice Shop