2025

• 15 Apr HTTP header hacks: basic and advanced exploit techniques explored
• 27 Mar The art of payload obfuscation: how to mask malicious scripts and bypass defence mechanisms
• 18 Mar HTTP fingerprinting – sleuthing for a web application’s hidden vulnerabilities
• 20 Feb Recon Series #2: Subdomain enumeration – expand attack surfaces with active, passive techniques
• 11 Feb XSS attacks and exploitation: The ultimate guide to cross-site scripting

2024

• 22 Oct White-box penetration testing: How to debug for JavaScript vulnerabilities
• 12 Sep White-box penetration testing: Debugging for Python vulnerabilities
• 28 Aug Limitations are just an illusion - advanced server-side template exploitation with RCE everywhere
• 19 Jul White-box penetration testing with Xdebug: Debugging for PHP vulnerabilities
• 14 May Limited SSRF with blind file read, resulting in full file read
• 12 May Infected signature in PDF document leads to mass account takeover
• 14 Feb Smart Automation With Burp Suite

2023

• 08 Dec Exploring JavaScript's Exploits: A Deep Dive Into XSS Vulnerabilities
• 06 Jul Web Application Black-Box Testing
• 08 Jan Use BCheck To Improve Vulnerability Scanning

2022

• 11 Oct Web Application Firewall Bypass