Fuzzing Browsers for weird XSS Vectors

After the last video about how Masato found the HTML sanitizer bypass, I thought we could talk a bit more about fuzzing, because fuzzing is a typical technique for XSS and weird browser research. Luckily Gareth recently shared a tweet with a new, interesting Firefox parsing issue. So let's first explore what this is

CSS Keylogger – old is new again

The motivation for this video comes from a CSS keylogger example shared on HackerNews, Twitter and Reddit that became incredibly popular: the GitHub repository with this example had thousands of stars after just a day. I find this quite fascinating. But before we get into this particular example, let's go back in time to