From SVG and back, yet another mutation XSS via namespace confusion for DOMPurify < 2.2.2 bypass
Daniel Santos (pinned), Nov 11, 2020
For those who are only interested in the final payload here you go (I won’t judge). For the ones interested in why it works, please bear…

Reversing a Magento RCE (CVE-2022-24086)
Daniel Santos, Jun 27
NOTE: This post has been sitting on my drafts forever and I don’t remember why I never published it before 🤣. The vulnerability addressed…

Leaking Microsoft Defender’s exclusions using a timing oracle
Daniel Santos, Feb 11
Around January 2022, the fact that unprivileged users were able to enumerate Microsoft Defender’s exclusion rules gained notoriety. A…

Capturing the flag with ChatGPT: solving DiceCTF 2023 rev/time-travel
Daniel Santos, Feb 7, 2023
I was recently invited to play the latest edition of DiceCTF. It was a last-minute invite, so I just played the last two hours of the…

Bypassing Defender’s self-protect mechanism
Daniel Santos, Feb 17, 2022
I recently started working as a Red Team lead, and figuring out ways to bypass antivirus engines became a regular thing. I am a huge fan of…

The tale of CVE-2021-34479 (VSCode XSS)
Daniel Santos in Techiepedia, Nov 17, 2021
This April, I finally decided to take some time to study the Electron framework and the security considerations around it. After learning…

How I found my first Chrome bug (CVE-2021-21210)
Daniel Santos in Techiepedia, Jun 28, 2021
On October 31, 2020, @SamyKamkar published his research on NAT Slipstreaming. According to his own words, NAT Slipstreaming —

Cracking Rolling Code Locks the lazy way
Daniel Santos, Jan 1, 2021
I took some of my Christmas break time to solve as many challenges as I could in HackerOne’s CTF. Out of the remaining challenges I still…