-
Relative Path File Injection: The Next Evolution in RPO
The author has discovered a technique named Relative Path File Injection (RPFI) while exploring injection vulnerabilities. RPFI allows injecting arbitrary file data into a user’s download via a relative anchor tag. The technique works similarly… Read more
-
Frameset injection no equals – An Impossible Challenge.
The post discusses challenges in solving an “impossible” XSS lab at Portswigger Research. It explores injecting code within a frameset while avoiding equal signs. Despite limitations, the writer discovers potential solutions using AngularJS, outdated doctypes,… Read more
Proudly powered by WordPress
ionatomics security blog 