Wednesday, August 13, 2025

OpenCPN Export GPX Navigation Route - CVE-2025-XXXXX

In OpenCPN, each exported route is accessible via a predictable, incrementally number ID in the URL. An attacker who obtains or guesses a si...
Monday, November 4, 2024

GPT: Burp Suite Exploit Validation, AI-Generated 0-Day Payloads and More

Ever since the day I had GPT-4 write a widget-chain for an old 0-day in five minutes that originally took me two or three work days to creat...
Wednesday, December 28, 2022

Input-Format-Depedent-XSS: Restrictions Are Your Best Friend!

Recently, I had a stubborn form where I attempted XSS in the free text fields, without success. Eventually, I also started looking at other ...
Friday, November 18, 2022

Open Redirects - Payload List vs Manual Testing

  In order to bypass a fix for a open redirect a second time, you may need to get creative with your payload list. The original issue was ex...

Captcha Bypass Using Tesseract OCR and Python

import cv2 import pytesseract from urllib.request import urlopen import numpy as np from bs4 import BeautifulSoup import requests import url...
Tuesday, July 26, 2022

Twitter Removed the Blocked Account Export - Let's Put it Back!

I'm reposting my post from Stack Overflow here (+ the script) in case it gets deleted. Other users have also noticed Twitter's ...
Saturday, April 16, 2022

Reporting Library RCE (Object Chaining) - CVE-2021-42777

  Similar to CVE-2020-15865 . However, this one was a little trickier because I could only execute chained C# commands that ultimately ret...