Our Blog

From 500 to Account Takeover

Reading time: ~10 min
Introduction What seemed like a regular Cross-site Scripting (XSS) vulnerability on an HTTP 500 “Internal Server Error”-page, I managed to...

Intro to Chrome’s V8 from an exploit development angle

Reading time: ~14 min
Intro Last Christmas I was doing quite a bit of research around an exploit for Chrome’s JavaScript engine, V8. While...