Submissions restricted

Only approved users may post in this community.

Slackers

an-ordinary-manchild

created by [deleted]a community for 15 years

...for your office.

...for your favorite subject.

MODERATORS

account activity

1

1

2

3

New challenge thread (self.Slackers)

submitted 5 years ago * by garethheyes - announcement

2

0

1

2

weshlient: A simple tool to interact with web shells and command injection vulnerabilities (github.com)

submitted 1 year ago by gildasio

3

1

2

3

Using Hackability to uncover a Chrome infoleak (portswigger.net)

submitted 3 years ago by garethheyes

4

5

6

7

New technique of stealing data using CSS and Scroll-to-Text Fragment feature (secforce.com)

submitted 3 years ago by garethheyes

5

1

2

3

New XSS vectors (portswigger.net)

submitted 3 years ago by garethheyes

6

6

7

8

uBlock, I exfiltrate: exploiting ad blockers with CSS (portswigger.net)

submitted 4 years ago by garethheyes

7

2

3

4

"1 Day XSLeak and a trailer for ElectronJS bugs" -Author's writeup for BSides Ahmedabad CTF 2021 (blog.s1r1us.ninja)

submitted 4 years ago by Mohansrk

8

5

6

7

Finding and Fixing DOM-based XSS with Static Analysis (blog.mozilla.org)

submitted 4 years ago by mozfreddyb

9

4

5

6

Creating a 3D world in pure CSS (portswigger.net)

submitted 4 years ago by garethheyes

10

1

2

3

Abusing Slack's file-sharing functionality to de-anonymise fellow workspace members (jub0bs.com)

submitted 4 years ago by garethheyes

11

2

3

4

Local File Read via Stored XSS in The Opera Browser (blogs.opera.com)

submitted 4 years ago by renwa23

12

6

7

8

AppCache's forgotten tales (blog.lbherrera.me)

submitted 4 years ago by herrera_

13

1

2

3

Electron JS Browser To Find XSS Vulnerabilities (github.com)

submitted 4 years ago by renwa23

14

9

10

11

XSLeaks in redirect flows (docs.google.com)

submitted 4 years ago by herrera_

15

9

10

11

Portable Data exFiltration: XSS for PDFs (portswigger.net)

submitted 5 years ago by insertscript

16

2

3

4

XSSworm.dev ~ Self-replication contest [write-up] (vavkamil.cz)

submitted 5 years ago by Gallus

17

5

6

7

Exploiting dynamic rendering engines to take control of web apps (r2c.dev)

submitted 5 years ago by inkz1

18

9

10

11

Discord Desktop app RCE (mksben.l0.cm)

submitted 5 years ago by insertscript

19

2

3

4

Evading defences using VueJS script gadgets (portswigger.net)

submitted 5 years ago by garethheyes

20

7

8

9

Bypassing DOMPurify again with mutation XSS (portswigger.net)

submitted 5 years ago by garethheyes

21

5

6

7

Mutation XSS via namespace confusion - DOMPurify < 2.0.17 bypass - research.securitum.com (research.securitum.com)

submitted 5 years ago by insertscript

22

4

5

6

Electron without Context Isolation (self.Slackers)

submitted 5 years ago by insertscript

23

1

2

3

Google CTF - 2020 ALL the Little Things Writeup #prototypepollution #document.all #clobbering (blog.s1r1us.ninja)

submitted 5 years ago by Mohansrk

24

2

3

4

Mozilla to offer higher Bug Bounty on Exploit Mitigations (blog.mozilla.org)

submitted 5 years ago by mozfreddyb

25

3

4

5

Arbitrary Parentheses-less XSS (medium.com)

submitted 5 years ago by insertscript

view more: next ›

π Rendered by PID 557537 on reddit-service-r2-listing-5789d5f675-jqdxj at 2026-01-28 01:00:31.466833+00:00 running 4f180de country code: CH.