Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • World
  • Users
  • Groups
Skins
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (Cyborg)
  • No Skin
Collapse
Brand Logo

CIRCLE WITH A DOT
marduk_james@infosec.exchangeM

marduk_james@infosec.exchange

@marduk_james@infosec.exchange
About
Posts
2
Topics
2
Shares
0
Groups
0
Followers
0
Following
0
View Original

Posts

Recent Best Controversial
  • I just published a write-up on prototype pollution and how it leads to XSS.
    marduk_james@infosec.exchangeM marduk_james@infosec.exchange

    I just published a write-up on prototype pollution and how it leads to XSS.

    The key idea: you’re not injecting into the sink—you’re controlling the property lookup that eventually reaches it.

    Pollute → Gadget → Sink → Execution

    Includes examples and common vulnerable patterns (merge functions, __proto__, etc.)

    Just a moment...

    favicon

    (medium.com)

    #Cybersecurity #WebSecurity #AppSec #Infosec #BugBounty

    Uncategorized cybersecurity websecurity appsec infosec bugbounty
  • DOM XSS isn’t always in the HTML.
    marduk_james@infosec.exchangeM marduk_james@infosec.exchange

    DOM XSS isn’t always in the HTML.

    Sometimes your input never appears in the Source because JavaScript is building the page.
    Source → Sink → Execution in real-world DOM flows.

    Just a moment...

    favicon

    (medium.com)

    #infosec #cybersecurity #bugbountytips #websecurity #OWASP

    Uncategorized infosec cybersecurity bugbountytips websecurity owasp
  • Login
  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • World
  • Users
  • Groups