The spanner :: Ooops! :: XML error: Invalid character at line 191 :: thespanner @ the web & the world :: hundreds of fresh newsfeeds on schuirink.net

news headlines

News headlines collected from 498 newsfeeds.

The spanner

url: http://www.thespanner.co.uk

Eval a url


You might have seen a blog post or come to the conclusion that urls are in fact valid JavaScript such as:

http://thespanner.co.uk
(label) (comment)

That’s weird and cool but how do we execute JavaScript from the url? Something like:

http://thespanner.co.uk\nalert(1)
(label) (comment) (newLine) (functionCall)

Trouble is the new line isn’t allowed inside the browser url [...]

XSS technique without parentheses


This is a very old technique I discovered years ago which I used to bypass a filter and it’s pretty awesome. It might come in handy to bypass a WAF or filter since it’s not public until now. First you need to understand (which you probably do) that the window object is the default object [...]

RIPS static source code analyser


RIPS is a static source code analyser and is one awesome piece of coding by @fluxreiners. Use it now to scan your PHP files for vulnerabilities. It can detect XSS, SQLi, File disclosure, LFI/RFI, RCE and lots more and it’s free. I’m downloading the current version now 0.52, so should you!

Data enumeration tutorial in Shazzer


Over the last few days I’ve finally fixed a data enumeration bug that was haunting a new feature in Shazzer. Originally Shazzer just mutated one character at a time to discover characters which influenced the fuzz vectors in interesting ways. I decided to expand that to include data. I called the feature “datasets” because you [...]

Introducing Shazzer: A shared online fuzzer


I lost inspiration for coding a while ago and had this idea I was sitting on for a while. I’m often stuck at the design stage before I write a line of code, and I will refuse to continue without a clear picture in my head on how an app is going to work. After [...]