The Cybersec Café

The Cybersec Café

Home
Cybersec OS
Sponsors
Community
Archive
About

Methodology Walkthrough

Exploiting XSS To Steal Cookies
Cybersec Café #43 - 11/26/24
  
Ryan G. Cox
Blind OS Command Injection with Output Redirection
Cybersec Café #41 - 11/12/24
  
Ryan G. Cox
Exploiting SQLi to Query Database Version on MySQL and Microsoft
Cybersec Café #39 - 10/29/24
  
Ryan G. Cox
Blind XXE with OOB Interaction via XML Parameter Entities
Cybersec Café #37 - 10/15/24
  
Ryan G. Cox
OAuth Account Hijacking via redirect_uri
Cybersec Café #35 - 10/01/24
  
Ryan G. Cox
Web Shell Upload via Extension Blacklist Bypass
Cybersec Café #33 - 9/17/24
  
Ryan G. Cox
Server-Side Template Injection in an Unknown Language with a Documented Exploit
Cybersec Café #31 - 9/03/24
  
Ryan G. Cox
Multi-Step Process with No Access Control on One Step
Cybersec Café #29 - 8/20/24
  
Ryan G. Cox
Insufficient Workflow Validation
Cybersec Café #27 - 8/06/24
  
Ryan G. Cox
File Path Traversal Sequences Stripped Non-Recursively
Cybersec Café #25 - 7/23/24
  
Ryan G. Cox
SSRF via Flawed Request Parsing
Cybersec Café #23 - 7/09/24
  
Ryan G. Cox
CORS Vulnerability with Trusted Insecure Protocols
Cybersec Café #21 - 6/25/24
  
Ryan G. Cox
© 2025 Ryan G. Cox
PrivacyTermsCollection notice
Start writingGet the app
Substack is the home for great culture