chndlrx

8 posts

@chndlrx_

Christian | Hacker | OWASP Knoxville Chapter Leader

Knoxville, TN · Joined February 2026
64 Following · 1 Follower
Pinned Tweet
chndlrx (@chndlrx_):
"Can this thing hack?" That was the question I had when I started testing the @claudeai browser extension against real web application vulnerabilities. My only interaction was supplying a one-line prompt. The results were very impressive. To learn more, read my latest blog post. chndlrx.com/posts/hacking-…
chndlrx (@chndlrx_):
During an #LLM penetration test, I really got my hopes up thinking I found privilege escalation through a #PromptInjection vulnerability. Unfortunately this attack did not succeed, and the chat bot was just hallucinating. What a tease!
chndlrx (@chndlrx_):
After completing the @offsectraining #OSWE, I thought it might be helpful to share my experience with others. Check out my review of the #AWAE course and the associated 48-hour exam. I cover what makes WEB-300 different from other #CyberSecurity courses, honest insights on the learning curve and course material, my exam experience and approach, and tips for future OSWE candidates. Whether you're considering OSWE or just curious about white box web application #PenetrationTesting testing, I hope this is a helpful resource. I would strongly recommend this course for experienced offensive security engineers, developers, and #AppSec professionals. You can check it out here: chndlrx.com/posts/oswe-rev…
chndlrx (@chndlrx_):
Got the email. Passed my @offsectraining #OSWE. This was a fantastic course that covered advanced web application exploitation using white box techniques, source code analysis, and chaining vulnerabilities for maximum impact.
chndlrx (@chndlrx_):
Tired of hunting down payloads every time you test a file upload feature? I was too… so I built a file upload security testing toolkit with hundreds of ready-to-use malicious files organized by abuse case (XSS, XXE, SSRF, SSTI, path traversal, web shells, filename injection, and more). There’s plenty of theory out there, but not a centralized repo of practical, built-out test files. Each vector includes methodology write-ups to help researchers get maximum coverage. I’ll keep expanding it. Contributions are welcome. Link below. github.com/chndlrx/file-u…
payloadartist (@payloadartist):
I wish I knew this earlier. There is a website that shows you what CSP bypasses are possible by pasting the CSP policy in it. cspbypass.com Basically you can look up vulnerable 3rd party JS libs and SDKs from the whitelisted CSP sources #bugbountytips #bugbounty
chndlrx (@chndlrx_):
Excited to have my first CVEs published! The Print Shop Pro application was particularly fun to test due to the large external usage. XSS and CSRF had easy account takeovers due to no password validation, PrivEsc enabled full application takeover, and the SQLI led to remote database exfiltration.
Critical severity:
CVE-2026-26725: Privilege Escalation
CVE-2026-26722: Weak Authentication Mechanism
CVE-2025-61548: SQL Injection
High severity:
CVE-2026-26721: Session Identifier in Query String
CVE-2026-26723: Reflective XSS
CVE-2026-26724: Stored XSS
CVE-2025-61547: CSRF
CVE-2025-61549: Reflective XSS
CVE-2025-61550: Stored XSS
Low severity:
CVE-2025-61546: Business Logic Flaw
Technical details, PoCs, etc: github.com/chndlrx/vulner…