posts

A new web app architecture pattern is being adopted by many popular frameworks. Let’s talk about risk!

When two specifications have differing opinions on how something should be parsed: here be dragons.

Yet another parsing differential bug

There’s a scene in the classic Christmas movie “A Christmas Story” where nine-year-old Ralphie uses a secret decoder pin to decode a secret message from his favorite radio program Little Orphan Annie.

*Subdomain takeover and DNS hijacking have been covered at length by Franz Rosen, Patrik Hudak, and plenty of other people. Rather than rehashing those traditional techniques, this post will explore a novel approach to finding dangling CNAME records. *