attack ships on fire

Home
Archive
About
New
Exploiting TRACE
TL;DR The presence of the TRACE method is generally considered to be at best an informational finding (and in isolation, I wouldn’t disagree with that…
Aug 4 • 
attack ships on fire
Share this post

Exploiting TRACE

attackshipsonfi.re
December 2022
Exploiting API Framework Flexibility
TL;DR The modern frameworks are often very flexible with what they accept, and will happily treat a POST with a JSON body as interchangeable with a URL…
Dec 17, 2022 • 
attack ships on fire
1
Share this post

Exploiting API Framework Flexibility

attackshipsonfi.re
November 2022
Exploiting CORS Misconfigurations
TL;DR If you can find an unrestricted CORS endpoint, that also responds to the HTTP override headers, then potentially you can use it to access…
Nov 26, 2022 • 
attack ships on fire
2
Share this post

Exploiting CORS Misconfigurations

attackshipsonfi.re
3
© 2023 attack ships on fire
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing