Tools & Tutorials · 29 articles

Tools & Tutorials

Step-by-step tool guides — BloodHound, Burp, Metasploit, NetExec, Impacket.

Tools & Tutorials

DOM-Based XSS in 2026: Modern Frameworks and Trusted Types

DOM-XSS in modern frameworks — vulnerable sinks (innerHTML, dangerouslySetInnerHTML, v-html, [innerHTML]). Source-to-sink analysis with Semgrep + Burp DOM Invader. The Trusted Types…

Apr 25, 2026 · 2 min read
Tools & Tutorials

CORS Misconfigurations: Deep-Dive on the Common Bypasses

CORS misconfiguration patterns — reflective Origin with Allow-Credentials, null Origin trust, permissive subdomain wildcards, regex bypasses. Test commands, the safe pattern, Express.js…

Apr 25, 2026 · 2 min read
Tools & Tutorials

CSP Bypass Techniques in 2026 and the Safe Defaults

CSP bypasses — JSONP on trusted CDN, AngularJS sandbox, unsafe-inline, wildcard sources, data: URIs, path-based bypasses. The nonce + strict-dynamic + Trusted…

Apr 25, 2026 · 2 min read
Tools & Tutorials

Prototype Pollution Exploitation in JavaScript

Prototype pollution in lodash, jQuery, custom merge utilities. Detection with Semgrep, exploitation paths (auth bypass, RCE chains), the safe-merge pattern with Object.create(null).

Apr 25, 2026 · 2 min read
Tools & Tutorials

Advanced JWT Attacks: kid Path Traversal, JWE Confusion, JWK Trust

Beyond alg:none — kid path traversal, kid SQL injection, jku/x5u trust confusion, embedded jwk header attacks, JWE algorithm confusion. jwt_tool workflow.

Apr 25, 2026 · 3 min read
Tools & Tutorials

WebSocket Security: Cross-Site Hijacking, Auth Gaps, Channel Leakage

WebSocket attacks — CSWSH (cross-site hijacking), per-message auth gaps, input validation, rate-limiting absence, broadcast channel leakage. Burp + wscat testing workflow.

Apr 25, 2026 · 2 min read
Tools & Tutorials

HTTP Request Smuggling: CL.TE, TE.CL, HTTP/2 Desync

Request smuggling variants — CL.TE, TE.CL, TE.TE with obfuscation, HTTP/2 desync. What attackers do (cache poisoning, auth bypass), Burp Smuggler workflow, HTTP/2…

Apr 25, 2026 · 2 min read
Tools & Tutorials

Web Cache Poisoning: Hidden Inputs and Param Miner

Web cache poisoning via unkeyed inputs (X-Forwarded-Host, custom headers, cookies). Burp Param Miner workflow. Cache key configuration as the architectural fix.

Apr 25, 2026 · 2 min read
Tools & Tutorials

WebAssembly Security: The 2026 Attack Surface

Wasm security model — sandboxed VM, memory isolation. What's attackable — memory bugs in Wasm code, JS-Wasm boundary, side-channel, cryptojacking, server-side WASI…

Apr 25, 2026 · 3 min read
Security Guides

theHarvester and Recon-ng: OSINT Toolchain in 2026

theHarvester for breadth-of-source aggregation; Recon-ng for workflow continuity across investigation. Where they fit alongside modern tools (subfinder, amass, SpiderFoot, Maltego) in 2026…

Apr 25, 2026 · 2 min read