I research a lot of Javascript as part of my job and I’ve been toying with the idea of a perfect native function overwrite. The idea is that you can still call the native function and have control over it but once it’s been defined it cannot be modified only destroyed. My idea was to […]

I like this event, it’s pretty cool. The reason why it’s interesting from a XSS perspective is that it is executed automatically without user interaction. This is rare in the XSS playground, usually you have to use onerror, onload or onfocus events and they only work in certain circumstances. I’d better mention that the event […]