Client-side hacking techniques

.js Files Are Your Friends | @zseano

JS files are a goldmine of information but working with them isn’t easy. In the NahamCon talk, zseano shows us his approach to JS files. Watch the full talk here or continue to read my notes. Endpoints in JS files These days it’s very common to use client-side JS code...

Beating HTML Sanitisers

HTML is incredibly complex. With all the namespaces, foreign objects and integration points, it’s incredibly difficult to sanitise well. Not to even mention doing some custom transformations on the sanitised HTML which, (un)fortunately, some companies try to apply. If...