Blaklis

@blaklis.bsky.social

CTF player with The Flat Network Society - bug bounty & web security research

197 Followers  |  111 Following  |  4 Posts  |  Joined: 04.12.2024  |  1.5435

Latest posts by blaklis.bsky.social on Bluesky

GMSGadget

@mizu.re just launched a service to list XSS gadgets that bypass CSP or sanitizers. A good thing to keep in the arsenal - and a good thing to contribute on, if you have something to add!

gmsgadget.com

24.07.2025 23:00 - 👍 3    🔁 2    💬 0    📌 0

Very cool project!

23.07.2025 16:32 - 👍 8    🔁 0    💬 0    📌 0

Challenges_2025_Public/web/legendary at main · DownUnderCTF/Challenges_2025_Public Files + Solutions for DownUnderCTF 2025 Challenges - DownUnderCTF/Challenges_2025_Public

DUCTF released a challenge that was really fun, from hash_kitten - @assetnote.io !

Happy to be part of the only team that solved it. It was a challenge full of nice tricks - check it out!

github.com/DownUnderCTF...

Read @assetnote.io's partial writeup on it: slcyber.io/assetnote-se...

21.07.2025 09:37 - 👍 3    🔁 1    💬 0    📌 0

Adobe patches critical Magento admin takeover via menu injection A new attack on Adobe Commerce may break the menu bar for admin users. If your menu bar is missing, someone is stealing your session via CVE-2025-47110.

Sansec published a small article regarding a serious cache poisoning issue I recently found in Adobe Commerce: sansec.io/research/mag...

It is quite a good idea to patch your instances if it's not done - there's even an isolated patch for it!

helpx.adobe.com/security/pro...

26.06.2025 15:03 - 👍 3    🔁 0    💬 0    📌 0