A running list of things I think are worth knowing about, talks I’ve given, blog posts I’ve written and tools/solutions I’ve either developed or helped develop.
Presentations
| [ Presentation ] | BlackHat MEA — Persistence or Snake-oil: Re-achieving Persistent XSS |
| [ Presentation ] | BSides CapeTown 2025 — Persistence or Snake-oil: Re-achieving Persistent XSS |
| [ Presentation ] | BSides CapeTown 2024 — Breaking the Barrier: Exploring modern WAFs |
Blog Posts
| [ Blog ] | Persistence or Snake-oil: Re-achieving Persistent XSS Part 1 — Part 1 of my XSS Persistence Research |
| [ Blog ] | Persistence or Snake-oil: Re-achieving Persistent XSS Part 2 — Part 2 of my XSS Persistence Research |
| [ Blog ] | Breaking the Barrier: Exploring modern WAFs — Moden WAF Bypass Research |
Tools & Resources
| [ Solution ] | NoScope — The TryHackMe NoScope pentesting agent |
| [ Tool ] | BRAT — Browser remote access tool, C2 style tool but for XSS |