Lead developer | Bug hunter (approximately every 3 months) > https://aeth.cchttps://bsky.app/profile/aethlios.bsky.socialhttps://bsky.app/profile/aethlios.bsky.social/post/3lnkopyzjms2sI'm excited to share that I recently found a XSS in Quasar Framework. The CVE-2025-43954 has just been published to document this security issue. You can learn more about it here: - https://github.com/advisories/GHSA-wm65-ph3w-587c24 Apr 2025 12:15 +0000at://did:plc:mdknrd2txopjbrye4hio7bcn/app.bsky.feed.post/3lnkopyzjms2shttps://bsky.app/profile/aethlios.bsky.social/post/3lk6issejm22wGreat resource on secret leakage, I invite you to read it. https://www.gitguardian.com/files/the-state-of-secrets-sprawl-report-202512 Mar 2025 11:42 +0000at://did:plc:mdknrd2txopjbrye4hio7bcn/app.bsky.feed.post/3lk6issejm22whttps://bsky.app/profile/aethlios.bsky.social/post/3lbropmagkc2yA really comprehensive resource on CORS attacks. I'm going to rework my course slides based on this research, thank you for your contribution! [contains quote post or other embedded content]25 Nov 2024 14:01 +0000at://did:plc:mdknrd2txopjbrye4hio7bcn/app.bsky.feed.post/3lbropmagkc2yhttps://bsky.app/profile/aethlios.bsky.social/post/3lbrg6nfc6c2hI'm glad to see so many people switching over to Bluesky and following me! Take the time to discover my open source tool on sandwich attacks : 👉 https://github.com/AethliosIK/reset-tolkien25 Nov 2024 11:28 +0000at://did:plc:mdknrd2txopjbrye4hio7bcn/app.bsky.feed.post/3lbrg6nfc6c2hhttps://bsky.app/profile/aethlios.bsky.social/post/3kxkd563lki2aMy second article on time-based secrets has just been published! 🚀 I explore a new usecase of the sandwich attack to set up a scenario for real-time monitoring of web application invitations. - English version: https://aeth.cc/public/Article-Reset-Tolkien/multi-sandwich-article-en.html - French version: https://aeth.cc/public/Article-Reset-Tolkien/multi-sandwich-article-fr.html18 Jul 2024 09:33 +0000at://did:plc:mdknrd2txopjbrye4hio7bcn/app.bsky.feed.post/3kxkd563lki2ahttps://bsky.app/profile/aethlios.bsky.social/post/3kp5ckm5p522vFollowing #bugbounty findings, I started focusing my research on time-based secrets. This research began for me a year ago, and enabled me to take the time to implement my open source tool: “Reset Tolkien”. 🚀 I've written an article detailing my research : - 🇬🇧 EN : https://www.aeth.cc/public/Article-Reset-Tolkien/secret-time-based-article-en.html02 Apr 2024 09:57 +0000at://did:plc:mdknrd2txopjbrye4hio7bcn/app.bsky.feed.post/3kp5ckm5p522v