“ASPXErrorPath in URL” Technique in Scanning a .Net Web Application

SecProject Web AppSec Challenge Series 1 Results

SecProject Web AppSec Challenge – Series 1

Sometimes no Ninja skill is required to receive money from security bug bounty programs!

Drag and Drop XSS in Firefox by HTML5 (Cross Domain in frames)

Flash ExternalInterface.call() JavaScript Injection – can make the websites vulnerable to XSS

Unrestricted File Download V1.0 – Windows Server

Facebook Redirect Link – New Bypass Method – “:/” after the domain name

JSReg Bypasses – OLD

A Dotty Salty Directory: A Secret Place in NTFS for Secret Files!