An Introduction to CSRF Attacks

Oct 21, 2020 - 2 min read | 

• csrf

An introduction on how to perform a Cross Site Request Forgery at its most basic form.

Host header authentication bypass

Oct 21, 2020 - 2 min read | 

• authentication
• host-header

How to leverage the Host HTTP header to bypass admin authentication and delete an arbitrary user account.

Web cache poisoning via ambiguous HTTP request

Oct 20, 2020 - 3 min read | 

• cache-poisoning
• host-header

How you can trick a web application to send resources from a malicious host using the host header.

Basic password reset poisoning via Host Header

Oct 18, 2020 - 4 min read | 

• authentication
• host-header

An introduction to exploiting password reset vulnerabilities via the Host Header.

Monitor your work station with Elastic Stack

Oct 11, 2020 - 3 min read

A complete guide to monitoring your wort station with Elasticsearch, Kibana, and various Beats.

How to generate text with OpenAI's GPT-2, React and Flask

Sep 21, 2019 - 3 min read

A simple Flask & React app to demonstrate how to generate text with OpenAI's GPT-2.

Running a Node.js app with Docker, Kubernetes and Minikube

Aug 24, 2019 - 6 min read

Make your dev environment closer to prod by running Kubernetes locally with Minikube.

Sneaky fingerprint and IP address tracker

May 14, 2019 - 4 min read

A small React app to demonstrate how to collect a device's fingerprint and IP address metadata.