's Avatar

@sparrrgh.me

Hack stuff CTF Player (sometimes) they/them πŸ³οΈβ€πŸŒˆ header from hologender Blog at blog.sparrrgh.me

89
Followers 331
Following 22
Posts 15.09.2023
Joined
Posts Following

Latest posts by @sparrrgh.me

CSRFing Express with simple requests Intro Have you ever had a perfectly good Cross-Site Request Forgery1 attack blocked by CORS? Cross-Site Request Forgery - Portswigger Web Academy ↩

Published a quick blog post on a series of tricks to perform CSRF attacks on a very common configuration of Expressjs, as well as exploiting a parser bug in the qs npm package. Let me know what you think of it!

blog.sparrrgh.me/web/2026/02/...

19.02.2026 07:45 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
self destructive perfectionism track 4 on the little ep im working on

track 4 of my wip ep is now online! would big appreciate if you checked it out :)

soundcloud.com/fyrisme/self...

26.01.2026 15:44 πŸ‘ 5 πŸ” 5 πŸ’¬ 0 πŸ“Œ 0
Front of CCH Building in Hamburg, with its name changed to CCC

Front of CCH Building in Hamburg, with its name changed to CCC

Back to Hamburg for #39c3 :3

27.12.2025 10:54 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Manual matchmaking on Discord

06.11.2025 09:07 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

There is a lot of demand for digital privacy and security advice out there right now and lots of people are giving advice and writing guides. I beg them to do a few things:

1. Be explicit about the threat model your advice is meant for.

21.09.2025 01:50 πŸ‘ 405 πŸ” 104 πŸ’¬ 5 πŸ“Œ 2
Fight Chat Control - Protect Digital Privacy in the EU Learn about the EU Chat Control proposal and contact your representatives to protect digital privacy and encryption.

If you are a scientist please consider signing our letter. If you are a concerned citizen (you should be!) you can find here a number of ways to make your voice heard: fightchatcontrol.eu

10.09.2025 05:21 πŸ‘ 20 πŸ” 15 πŸ’¬ 0 πŸ“Œ 2

Here we go again πŸ™„ we have written an open letter detailing how incredibly misguided is the ChatControl proposal: csa-scientist-open-letter.org/Sep2025

10.09.2025 05:18 πŸ‘ 22 πŸ” 15 πŸ’¬ 1 πŸ“Œ 1
slurpee machine with one crashed screen

slurpee machine with one crashed screen

I'm drinking the Bios Crash slurpee I hope it crashes my bios I hope I blue screen

29.07.2025 21:29 πŸ‘ 18504 πŸ” 5968 πŸ’¬ 229 πŸ“Œ 356
Post image

Trenches

19.07.2025 14:23 πŸ‘ 2457 πŸ” 462 πŸ’¬ 15 πŸ“Œ 4
08.07.2025 04:16 πŸ‘ 5739 πŸ” 1596 πŸ’¬ 26 πŸ“Œ 10

Ticket platform is live! Get your seat at nohat.it

#nohat2025 #computer #security #conference #community

30.06.2025 09:30 πŸ‘ 1 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
A meme that says to close ones tab, is to admit you were never truly committed to the journey. there's a costume fox that's faded in the background with a person in the center meditating. in focus is an image of a browser tab with a prompt that says close tab. it looks like a cheesy motivational poster from the 80s and 90s.

A meme that says to close ones tab, is to admit you were never truly committed to the journey. there's a costume fox that's faded in the background with a person in the center meditating. in focus is an image of a browser tab with a prompt that says close tab. it looks like a cheesy motivational poster from the 80s and 90s.

25.06.2025 16:57 πŸ‘ 785 πŸ” 111 πŸ’¬ 15 πŸ“Œ 10
Video thumbnail
17.06.2025 17:01 πŸ‘ 706 πŸ” 196 πŸ’¬ 12 πŸ“Œ 9
Please feel free to cite the Deep Magic to me! I was there when it was written so I love talking about it :)

Please feel free to cite the Deep Magic to me! I was there when it was written so I love talking about it :)

16.06.2025 11:56 πŸ‘ 9395 πŸ” 2323 πŸ’¬ 36 πŸ“Œ 93
paper sign in window says: do not dumb here. not dumb area here.

paper sign in window says: do not dumb here. not dumb area here.

bsky reply etiquette psa

12.06.2025 09:10 πŸ‘ 419 πŸ” 57 πŸ’¬ 11 πŸ“Œ 2
Post image

RIP πŸ’€

11.06.2025 19:15 πŸ‘ 6 πŸ” 4 πŸ’¬ 0 πŸ“Œ 0

They don't seem to appreciate the humor of an email address that is also a shell command injection attempt or the time zone of -2456.

11.06.2025 09:24 πŸ‘ 18 πŸ” 2 πŸ’¬ 1 πŸ“Œ 0

Oh yeah, I usually use targeted word lists lo

Or bruteforce all combinations only if I know the password policy is weak enough

10.06.2025 10:30 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

It's cheap enough to be worth it almost every time honestly

10.06.2025 09:27 πŸ‘ 0 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0
Preview
Finding an SOQL Injection 0-Day in Salesforce How an un-exploitable SOQL injection turned into a 0-day in Salesforce itself affecting millions of user records

Cool research, I love smart ways to escalate low impact bugs

10.06.2025 06:48 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 1

Also, Bsky is painfully US-centric. Most of the posts talk about US politics and its drama. I think it's an important topic, but it looks like it's the only thing going on over here.

Maybe it's just my discover tho

09.06.2025 18:26 πŸ‘ 1 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

What was up with all that ninja imagery? It disappeared except for binary ninja, and I'm not sure where it came from

09.06.2025 09:41 πŸ‘ 0 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0
Dom-Explorer

DOM Explorer - a brilliant HTML hacking tool!

yeswehack.github.io/Dom-Explorer/

31.05.2025 09:59 πŸ‘ 11 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
An Oral-B login screen.

An Oral-B login screen.

I have been logged out of my toothbrush.

29.05.2025 11:41 πŸ‘ 19728 πŸ” 3430 πŸ’¬ 715 πŸ“Œ 818
Soatok Dreamseeker (@soatok@furry.engineer) How to never run out of ideas in 4 easy steps: 1. Seek out people that have problems. (You won't have to go far.) 2. Listen to them explain their problem and what they already tried. 3. Ponder their ...

furry.engineer/@soatok/1145...

29.05.2025 11:28 πŸ‘ 9 πŸ” 3 πŸ’¬ 0 πŸ“Œ 0
windows 10 bsod screen but it just says "computer" after the sad face

windows 10 bsod screen but it just says "computer" after the sad face

04.05.2025 00:19 πŸ‘ 1705 πŸ” 529 πŸ’¬ 24 πŸ“Œ 24

PSA: If you choose to submit a novel research talk to one of the top security conferences in the world, maybe check your proposal text all the way through so "Claude may make mistakes. Please check your answers." isn't the final line.

02.05.2025 20:37 πŸ‘ 272 πŸ” 52 πŸ’¬ 7 πŸ“Œ 3

I'm trying to follow a video course and the fact that I cannot listen to my stupid breakcore music while learning is driving me nuts

03.05.2025 19:28 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0