When I find a vulnerability or write a new CodeQL query I will try to share my newly gained knowledge here.
Or if I simply want to blog about something I like :P
JSON Web Tokens (JWTs) are notorious for vulnerabilities. In this post I’m going to show how to find multiple CVEs in users of the jwtk/jjwt library.
In this post I’ll show how to achieve remote code execution using multiple smaller vulnerabilities.
Welcome to Intrigus’ Security Lab (ISL).