Payload of the Day — DOM XSS Chain & Bypass
A breakdown of how I discovered a DOM-based XSS sink, crafted the payload, and bypassed script sanitization using an attribute-injection trick. Includes step-by-step reproduction.
Read writeup →Blog & Notes
Advanced BurpSuite Notes
Macros, session handling, Repeater → Intruder chaining, and how I audit XSS with precision.
FFUF Recon Workflow
My fast recon structure: wordlists, directory brute-force, recursion & silent scanning.
My Home Pentest Lab
DVWA, PortSwigger Academy, Python tooling, and how I structured my minimal hacker lab.
Red Team Notes (Phase Zero)
Payload delivery, phishing setups, OSINT flows, and AV/EDR bypass attempts.
OWASP Study Notes
XSS, CSRF, SQLi, IDOR, file uploads, authentication flaws — my learning logs.
Security+ — Study Prep
Threat analysis, cryptography basics, risk management, and network security notes.