Popular posts

  1. In this post, I break down three real-world vulnerabilities found in WordPress plugins — from unsafe deserialization to arbitrary file upload — and show how they can lead to full compromise. Includes analysis, PoCs, and exploitation details.
    Author: Martino Spagnuolo

    wordpress php exploit

  2. Uncovering the unexpected behaviors of JavaScript strings and the challenges posed by UTF-16 encoding
    Author: Luca Famà

    javascript unicode xss utf-16

  3. While modern defenses have made CSRF vulnerabilities more challenging to exploit, emerging techniques still pose significant threats
    Author: Luca Famà

    CSRF SameSite Cookie Path Traversal

  4. Let’s take a look at the most common OAuth2 misconfigurations that can lead to vulnerabilities
    Author: Luca Famà

    oauth misconfigurations authorization csrf

  5. Exploring security risks in a ‘Secure by Design’ and modern transport protocol
    Author: Luca Famà

    QUIC HTTP/3 protocol impersonation DNS

  6. Legit features often turn into something unexpected: an Insomni’hack Teaser 2024 challenge writeup
    Author: Cesare Pizzi

    Reverse engineering ctf dot net R2R

Post activity