Sebastian Lekies

@slekies

Tech Lead - Web Application Security Scanning

Zurich, Switzerland
Sumali noong Oktubre 2011
3 Larawan o video Mga larawan at video

Mga Tweet

Na-block si @slekies

Sigurado ka bang gusto mong tingnan ang mga Tweet na ito? Hindi maa-unblock si @slekies sa pagtingin ng mga Tweet.

  1. Naka-pin na Tweet
    Ene 5

    The full list of CSP bypasses with all known vectors that came up during the recent discussions:

    4 mga sagot 131 retweet 152 gusto
  2. Ene 19

    Advice to untangle cyber PR: If someone says "we got attacked X times" without exactly saying what "attack" means it's cyber-bullshit.

    2 sagot 7 retweet 14 (na) gusto
  3. Ene 18

    We keep hearing rumors that there'll be an ★Allstars 2017★ during OWASP AppSec EU in Belfast. Maybe there is something to it… cc

    7 retweet 11 gusto
  4. Ene 17

    There are still free seats for my workshop about Inkscape in Zurich Please RT

    29 mga retweet 15 gusto
  5. Ene 12

    And another CSP bypass by :

    1 sagot 8 retweet 14 (na) gusto
  6. Ene 12

    How to write a research paper: a guide for software engineers & practitioners. /cc

    6 mga sagot 112 retweet 247 gusto
  7. Ene 10

    Remove DOM nodes without JavaScript: <svg><animate id=a dur=1 /><circle r=100> <discard begin=a.end xlink:href= /><style id=x>*{fill:red}

    2 sagot 60 retweet 146 (na) gusto
  8. Ene 7

    Another dangling markup vector:

    3 sagot 4 mga retweet 13 gusto
  9. Ene 7

    5 more CSP bypasses added to the list:

    5 retweet 18 gusto
  10. Ene 6

    any additional ideas?

  11. Ene 6

    Framework-specific bypasses are also welcome!

    4 mga sagot 1 gusto
  12. Ene 6

    Added a few more CSP bypasses to the list. Happy to receive suggestions, ideas and PoCs. Just ping me.

    1 sagot 7 retweet 12 gusto
  13. Ene 5

    CC

    1 sagot 1 gusto
  14. Ene 5

    CSP-protected HTML injections can probably be used to break same-site cookies to conduct CSRF. (cc , , )

    2 sagot 2 retweet 5 gusto
  15. Dis 28, 2016

    Are you ready for life outside the sandbox

    12 retweet 16 (na) gusto
  16. Ene 2

    Slightly surprised by how many ways there are to mutate HTML without JS! (by )

    5 retweet 31 gusto
  17. Ene 1

    hah, my CSP nonce bypass:

    3 sagot 18 retweet 57 gusto
  18. Dis 31, 2016

    Another type of CSP nonce bypass. FF+Chrome. Works with traditional reflected XSS. Happy new year!

    6 mga sagot 77 retweet 107 gusto
  19. Sinundan ni Sebastian Lekies sina , , and 4 others
    • Juan David Parra
      @nopbyte

    • Intent To Ship
      @intenttoship

      I tweet when browser makers announce their intent to ship, change or remove features in their web engines! I was made by .

  20. Dis 29, 2016

    and chrome too, soon!

    1 sagot 2 retweet 3 gusto

Hindi pa nagtu-Tweet si:@slekies.

Ang paglo-load ay mukhang natatagalan.

Maaaring lumagpas na sa kapasidad ang Twitter o nakakaranas ng panandaliang problema. Subukan muli o bisitahin ang Twitter Status para sa karagdagang impormasyon.

    Maaari mo ring magustuhan

    ·