#WebApp_Security
1. Exploiting an ORM Injection to Steal Cryptocurrency from an Online Shooter
https://blog.p1.gs/writeup/2025/07/06/Hacking-a-crypto-game
2. Delivering PHP RCE to the Local Network Servers
https://github.com/ZeroMemoryEx/PHP-CGI-INTERNAL-RCE
3. XSS in Google IDX Workstation
https://sudistark.github.io/2025/07/02/idx.html
♦️@ZeroSec_team
DOMino.pdf
9.6 MB
#tools
#WebApp_Security
#Offensive_security
DEF CON 33:
"The DOMino Effect:
Automated Detection and Exploitation of DOM Clobbering Vulnerability at Scale".
]-> dynamic analysis tool to detect/exploit DOMC vulns
]-> Dataset: DOMC Gadgets Collection
]-> Research (.pdf)
// .. first dynamic analysis framework to automatically detect and exploit DOM Clobbering gadgets. Key insight is to model attacker-controlled HTML markups as Symbolic DOM - a formalized representation to define and solve DOM-related constraints within the gadgets - so that it can be used to generate exploit HTML markups
⭐️ @Zerosec_team
#WebApp_Security
1. Cache Deception + CSPT: Turning Non Impactful Findings into Account Takeover
https://zere.es/posts/cache-deception-cspt-account-takeover/
2. Smuggling Requests with Chunked Extensions: A New HTTP Desync Trick
https://www.imperva.com/blog/smuggling-requests-with-chunked-extensions-a-new-http-desync-trick
⭐️ @ZeroSec_team
Zere
Cache Deception + CSPT: Turning Non Impactful Findings into Account Takeover
Recently, while auditing the main application of a private bug bounty program, I discovered a Client-Side Path Traversal (CSPT) and a Cache Deception vulnerability. Individually, these issues were unexploitable and had no real impact. However, when chained…
NodeJS_Sec_for_WebApp.pdf
2.4 MB
#Tech_book
#WebApp_Security
"Essential Node.js Security for Express Web Applications", 2023.
// This book aims to equip existing Node.js developers, both beginners and experienced, with expertise and skills in security best practices. The book takes a practical hands-on approach to the Node.js ecosystem by using a good deal of source code examples, as well as leveraging and reviewing well-tested and commonly used libraries and industry security standards
⭐️ @Zerosec_team
1. Anthropic MCP Inspector Vulnerability
- From XSS to RCE (CVE-2025-58444)
https://medium.com/@Qubit18/from-xss-to-rce-critical-vulnerability-chain-in-anthropic-mcp-inspector-cve-2025-58444-7092ba4ac442
2. XSS-Leak: Leaking Cross-Origin Redirects
https://blog.babelo.xyz/posts/cross-site-subdomain-leak
#WebApp_Security
⭐️ @Zerosec_team
Medium
From XSS to RCE: Critical Vulnerability Chain in Anthropic MCP Inspector(CVE-2025–58444)
When developing an MCP service, I typically use MCP Inspector for code testing and debugging, as it is an open-source inspection…
In_Browser_LLM_Guided_Fuzzing.pdf
3.7 MB
"In-Browser LLM-Guided Fuzzing for Real-Time Prompt Injection Testing in Agentic AI Browsers", 2025.
]-> Complete fuzzing platform
// LLM-based agents integrated into web browsers offer powerful automation of web tasks. However, they are vulnerable to indirect prompt injection attacks. We present a novel fuzzing framework that runs entirely in the browser and is guided by an LLM to automatically discover such prompt injection vulnerabilities in real time. We demonstrate that our in-browser LLM-guided fuzzer can effectively uncover prompt injection weaknesses in autonomous browsing agents while maintaining zero false positives in detection
#AIOps
#Fuzzing
#WebApp_Security
⭐️ @Zerosec_team