
Art Of Code

Software and Data Science

writeups, portswigger, web, clickjacking

Portswigger’s lab write up: Clickjacking with a frame buster script

In this apprentice-level lab, we will exploit the change email flow from a website vulnerable to clickjacking via URL parameters, even though there is a frame buster script enabled.
Christian Páez
3 min read
blog, datascience

Who will win the 2022 Brazilian Presidential Election?, according to statistics.

Many news outlets have run opinion polls on presidential candidates for the Brazilian 2022 election; what does this data tell us about a possible winner?
Christian Páez
1 min read
Projects

2022 Brazilian Election Forecast

Luiz Inácio Lula da Silva has a 96% chance of winning the 2022 presidential election (second round).
Christian Páez
1 min read
writeups, portswigger, web, clickjacking

Portswigger’s lab write up: Clickjacking with form input data prefilled from a URL parameter

In this apprentice-level lab, we will exploit the change email flow from a website vulnerable to clickjacking due to form filling via URL parameters.
Christian Páez
2 min read
writeups, portswigger, web, clickjacking

Portswigger’s lab write up: Basic clickjacking with CSRF token protection

In this apprentice-level lab, we will exploit the delete account flow from a website vulnerable to clickjacking even though there is some CSRF token protection present.
Christian Páez
2 min read
writeups, portswigger, web, csrf

Portswigger’s lab write up: CSRF vulnerability with no defenses

In this apprentice-level lab, we will exploit a site that contains a CSRF vulnerability in its email change functionality.
Christian Páez
2 min read
blog, web, software

How does URL decoding and encoding work?

Every time you visit a website, your browser is encoding and decoding URLs under the hood. This is done in order to avoid transmitting invalid or unsafe data; let’s see how URL decoding works on a basic level and why it is important.
Christian Páez
2 min read
blog, datascience

Why is it important to standardize datasets?

Data standardizing is a common practice in data science and machine learning. What does it actually mean and why is it beneficial?
Christian Páez
2 min read
blog, history, web

Web 1.0 vs 2.0 vs 3.0.

When talking about Web standards, the different Web generations are usually brought up, but what do they actually mean? Most of us are used to browsing the web and using websites, but we do not understand these terms; let’s see some basic definitions.
Christian Páez
2 min read
blog, software, bugs, errors, history

Why are Software bugs named bugs?

The use of the term "bug" to describe problems with software is now common and is used in both technical and non-technical contexts. What are the origins of the term? Does it refer to a real insect? Let’s check some historical facts.
Christian Páez
1 min read
blog, web

Subdomains vs. Virtual Hosts

The difference between sub-domains and VHosts is important to understand because it can affect the way your website is accessed and how search engines index your website.
Christian Páez
1 min read
web

Common Encoding and Decoding systems

Sometimes data cannot be stored or presented in plain text for security reasons. Let’s see some of the most common encoding and decoding systems used nowadays.
Christian Páez
1 min read