RDRafael da Costa Santosinblog.bugport.net·Nov 17, 2025 · 4 min readAuxClickjackingIn this small and fun research, I will show how I developed a Clickjacking technique that leaks iframe contents by prompting the user to perform a click and drag + middle mouse button (wheel) click. I’m not sure if it’s already being exploited, but f...00
RDRafael da Costa Santosinblog.bugport.net·Aug 17, 2023 · 9 min readInfluxDB NoSQL InjectionIn this post, I'll share my experience of discovering a NoSQL Injection vulnerability in a Bug Bounty program in a non-popular database within the hacking community. During the initial discovery, I was expecting to find a good blog post or tool teach...00
RDRafael da Costa Santosinblog.bugport.net·Jun 17, 2023 · 17 min readExploiting HTTP Parsers InconsistenciesThe HTTP protocol plays a vital role in the seamless functioning of web applications, however, the implementation of HTTP parsers across different technologies can introduce subtle discrepancies, leading to potential security loopholes. In this resea...06PMYDP
