A $3,500-Worth HTML Injection by Abusing CSRF-like

This article explains how an HTML injection vulnerability can be abused to bypass the usual limitations of CSRF, allowing attackers to execute sensitive actions.

Brute Forcing Web Logins Using FFuF

FFuF offers a lightweight and fast alternative to heavy Burp Suite (Intruder) for cracking web logins.

Cracking a JWT Secret Key (HS256) with Hashcat

How a weak JWT Secret Key can be cracked using Hashcat, allowing attackers to forge valid sessions and abuse authentication.