2024

• 01 Oct Exploiting trust - Weaponizing permissive CORS configurations
• 30 Sep Empowering Junior Testers - Strategies for Uncovering Critical Vulnerabilities in Web Applications
• 19 Feb Cross-site scripting attacks in action and how to protect against them

2023

• 11 Dec Making Web Cache Deception critical in 30 minutes
• 15 Nov Can traditional pen testing keep up with modern AppSec? Ask the pen tester
• 06 Sep Using HTTP request smuggling to hijack users' sessions
• 12 Mar Account takeover vulnerability in Azure’s API Management Developer Portal