What's New?

7 May 2021

Stored DOM-based XSS on Xiaomi

Yesterday I just found Stored XSS on the Xiaomi Forum via Markdown, now I found Stored DOM-based XSS on the Xi...

3 May 2021

WinRAR XSS

A few days ago I found a Cross-site Scripting Vulnerability on WinRAR, now I want to share how I found the vul...

30 April 2021

Reflected DOM-based XSS on DomaiNesia

Here I will share how I found Reflected DOM-based Cross-site Scripting in DomaiNesia using Burpsuite. First...

27 April 2021

Exploiting XSS via Markdown on Xiaomi

What is Markdown? Markdown is a text-to-HTML conversion tool that can be used when creating web content...

25 April 2021

N45HT Vulnerability Disclosure Program

No technology is perfect, and N45HT believes that working with skilled security researchers across the globe i...

25 April 2021

Reflected XSS on Microsoft

First I did a little search on the Microsoft domain using Google Dork below, site:*.*.microsoft.com ext:...

31 March 2021

XSSR: An automatic XSS scanner

XSSR - An automatic XSS scanner Is an automatic Cross-site Scripting scanner application with We...

25 March 2020

API: Subdomain Enumeration

Subdomain Enumeration is the process of finding sub-domains of a domain, this is an important phase in a recon...