client side hacking writeupps (very imp)

https://x.com/AmirMSafari/status/2020569860472750512?s=20 --> best challenge !!!2026

https://blog.voorivex.team/when-two-parsers-disagree-exploiting-query-string-differentials-for-xss --> best solution for that !!!! totalyl client side deep understanding !!!!

Stealing Salesforce OAuth Tokens using the WAFcastilho blog

Scream at it until it Escalates - XSS to ATO via Server Size Errors Gadgetscastilho blog

Account hijacking using "dirty dancing" in sign-in OAuth-flowsLabs Detectify

---

---

---

---

Cross-Site Scripting (XSS) Cheat Sheet - 2026 Edition | Web Security AcademyWebSecAcademy

postmessaged-and-compromisedwww.microsoft.com

Client-side RCE via CSS Injection in Google Web Designer for WindowsBálint Magyar

Abusing the NinjaShell API for Code Execution in Google Web Designersudi’s blog

Microsoft Partner Leak: Leaking Microsoft Employee PII and 700M+ Partner Recordsblog.faav.net

Break into any Microsoft building: Leaking PII in Microsoft Guest Check-Inblog.faav.net

above one is literally crazy easy understanding writeuups !!! like easy and logic hunts clinet side one !!!! by faav

sudi’s blogsudi’s blog

sudis writeupps ar ecompulsory to read and try to understand each line , after doing js !!!

EdOverflow | Web Developer, Security Researcher, and Author of security.txtEdOverflow

above website is more dang for client side

Clickjacking

To make Clickjacking work, the victim needs to be authenticated in an iframe embedded in the attacker’s page. Since the iframe is making a cross-origin request, by dropping cookies, the victim will not be authenticated, and hence the attack will fail. Clickjacking is still a threat for Single Page Applications (SPAs) that store session ID/access tokens in localStorage or sessionStorage.

BELOW WRITEUPP IS BEST ON CLIENT SIDE HACKING (BASED ON XSS) MUST GIVE IT A NICE READ DOUBLE

REGEXSS: How .* Turned Into over $6k in BountiesStealthcopter

JUSTIN GARDNER GUIDE ON CLIENT SIDE HACKING !!(I HAVE TO READ IT 8 TIME YASSM WRITUPPS)

https://www.linkedin.com/in/jarijaas/www.linkedin.com

Aiven Ltd disclosed on HackerOne: Apache Flink RCE via GET jar/plan...HackerOne

Aiven Ltd disclosed on HackerOne: Kafka Connect RCE via connector...HackerOne

Aiven Ltd disclosed on HackerOne: [Kafka Connect]...HackerOne

GitLab disclosed on HackerOne: Stored XSS on issue comments and...HackerOne

https://x.com/shm0ul -

BELOW ARE SOME HARD BLOGS , AHHHH

Veeam Vulnerabilities: CVEs and $30K BountiesVoorivex Hunting Team

Voorivex Teamvoorivex.team

below writeupp should be readed and understood properly we can also use chatgpt to understand it better !!

Cloudflare Image Proxy CSPT Exploit ExplainedVoorivex Hunting Team

Stealing oAuth Token via Referrer Policy OverrideVoorivex Hunting Team

BugBountyTips/Authentication/shared-secret-key/README.md at main · VoorivexTeam/BugBountyTipsGitHub

dependency confusion

Vibecoding my way to a crit on Github – Furbreeze – Dev Blogfurbreeze.github.io

---

---

Pumpkin (@u1f383) --> client side hacker , source code reviewer , ctf player(played a lot of ctfs )

https://x.com/u1f383/with_repliesX (formerly Twitter)

writeup/picoCTF.md at main · u1f383/writeupGitHub

AboutBlog

2025.3.31. 모닝보안기술LinkedInEditors

yassm

Datr cookie theft and AI leads to Facebook account takeover via trusted device recoveryYoussef Sammouda (sam0) personal blog

Two-click Facebook account takeover via FXAuth token and blob theftYoussef Sammouda (sam0) personal blog

Self-XSS in Facebook payments flow leads to Instagram and Facebook account takeoversYoussef Sammouda (sam0) personal blog

isane writeuppp !!

Research & Thingszhero_web_security

Unlocking Reflected XSS in the Astro frameworkzhero_web_security