Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

XSS in DuckDuckGo - 457

PMoc - Posted 4 Years Ago
  • DuckDuckGo is a privacy-oriented search engine. Because of this, security bugs are a big deal.
  • A researcher accidentally found an HTML injection bug while looking at search results for Urban Dictionary. The content of a header was being injected into the page as raw HTML.
  • This is a dead-simple XSS, and the payload itself is extremely simple. The interesting part, however, is WHERE the payload came from. Sometimes the avenue of the attack is the most important part.