bug-bounty480
google297
xss277
microsoft249
facebook211
rce159
apple150
exploit136
bragging-post102
account-takeover98
malware94
csrf84
cve79
privilege-escalation74
authentication-bypass65
stored-xss65
writeup61
reflected-xss57
browser54
react53
ssrf51
phishing50
dos50
input-validation49
cloudflare49
access-control49
cross-site-scripting48
node46
aws46
smart-contract45
docker45
sql-injection45
ethereum44
defi43
web-security43
web-application42
supply-chain42
oauth41
web339
burp-suite36
lfi34
vulnerability-disclosure34
idor34
html-injection33
smart-contract-vulnerability32
race-condition32
clickjacking31
reverse-engineering31
information-disclosure30
csp-bypass30
0
8/10
vulnerability
A detailed technical writeup of discovering and exploiting polymorphic image-based XSS vulnerabilities on Google Scholar by embedding JavaScript payloads in JPEG/PNG metadata and entropy-coded segments that survive image processing transformations. The author developed techniques to bypass Google's image reprocessing backend and created a test suite for image library behavior analysis.
xss
polymorphic-images
image-processing
exif-injection
google-scholar
file-upload
imagemagick
graphicsmagick
libvips
csp-bypass
web-shell-concealment
metadata-injection
jpeg-exploitation
png-exploitation
vulnerability-research
Google Scholar
Doyensec
Lorenzo Stella
ImageMagick
GraphicsMagick
Libvips
Exiftool
doyensec/StandardizedImageProcessingTest
CVE-2023-21800
0
6/10
A practical guide combining AI image analysis with ImageMagick command-line blurring to automatically detect and redact sensitive data (credentials, emails, tokens) from screenshots. The workflow uses AI models to identify sensitive regions by coordinates, then applies Gaussian blur or solid fill redaction via ImageMagick's -region flag.
sensitive-data-redaction
screenshot-security
imagemagick
ai-assisted-security
credential-exposure
secrets-management
image-processing
automation
cli-tools
ImageMagick
Claude Code
Codex
Cursor
Windsurf
Jamdesk
Vercel