An Introduction to CSRF Attacks

 - 2 min read | 
  • csrf

An introduction on how to perform a Cross Site Request Forgery at its most basic form.

Host header authentication bypass

 - 2 min read | 
  • authentication
  • host-header

How to leverage the Host HTTP header to bypass admin authentication and delete an arbitrary user account.

Web cache poisoning via ambiguous HTTP request

 - 3 min read | 
  • cache-poisoning
  • host-header

How you can trick a web application to send resources from a malicious host using the host header.

Basic password reset poisoning via Host Header

 - 4 min read | 
  • authentication
  • host-header

An introduction to exploiting password reset vulnerabilities via the Host Header.

Monitor your work station with Elastic Stack

 - 3 min read

A complete guide to monitoring your wort station with Elasticsearch, Kibana, and various Beats.

How to generate text with OpenAI's GPT-2, React and Flask

 - 3 min read

A simple Flask & React app to demonstrate how to generate text with OpenAI's GPT-2.

Running a Node.js app with Docker, Kubernetes and Minikube

 - 6 min read

Make your dev environment closer to prod by running Kubernetes locally with Minikube.

Sneaky fingerprint and IP address tracker

 - 4 min read

A small React app to demonstrate how to collect a device's fingerprint and IP address metadata.