top of page
Search
Aug 10, 20201 min read
Today I Learned: Token Hijacking via PDF
PDF files are everywhere and they can be used to hack your web application. Imagine that the attacker prepares a malicious PDF file which...
Jul 29, 20201 min read
Today I Learned: Bypassing Content Security Policy (CSP) via ajax.googleapis.com
Content Security Policy (CSP) is the number one defensive technology in modern web applications. Many developers...
Jul 22, 20201 min read
Today I Learned: Exploiting Race Conditions
A race condition attack is one of the most dangerous and underestimated attacks on modern web applications. It’s related to concurrency...
bottom of page