From CRLF to Account Takeover

Many people don’t like client-side vulnerabilities. I’m not a fan of such vulnerabilities either, and I try to spend less time searching for them. You can’t surprise anyone with endless alert boxes on pages. But sometimes these alert boxes can be worth their weight in gold, especially if JavaScript execution is a necessary link in a chain that exploits a serious problem. The serious problem we are talking about today is stealing…

I am a guy passionate about testing and security researching 👨‍💻 → t.me/valyaroller

Valeriy Shevchenko
