An XSS attack in action
September 6, 2019
Teh Cookie Monster. A full example of how XSS can lead to full account takeover.
Hacking My Bank. For teh lulz.
July 11, 2016
I lost count how many exploits I found in my bank. They have a huge attack surface.
Mocking the Military; Hacking Hackers
April 5, 2016
I found a way to add pages to the U.S. Department of Defence. Of course I took the piss. Also, hacking hackers bonus content.
Scoot.co.uk XSS
April 17, 2015
Stored XSS in several nationwide UK newspapers. One XSS to rule them all.
How to: not get hacked
April 8, 2015
Most people don't really care about security. We hope and believe our computers take care of security for us. Posting the latest Facebook update pretending to be our cat is far more important. The cat…
AV Arcade XSS Exploit
June 6, 2009
During registration, the user name field of the AV Arcade script is open to a stored XSS attack. Code will be processed on the members page. The malicious code can be overflown to the homepage…
Password Security Tips
July 4, 2008
A simple list of Dos and Donts to consider when creating new accounts or updating passwords for current accounts you have. It may sound simple, but mistakes can often be made when in a rush…
