Are you a security consultant, a pentester, a bug-bounty hunter or a frustrated hacker who is regularly annoyed by an application's WAF or the strict filter enabled on it? Do you ever get the feeling, when you are struggling with limited time to produce a good PoC for an XSS you found, that this WAF or filter is evilly laughing at you?

If yes, then this presentation will help boost your confidence to laugh back at them!

The presenter will share some tips and tricks that he generally uses in his daily tasks. These have helped him a lot in deciding whether an XSS he encountered is exploitable or not, so he can save a lot of hours and focus on producing an awesome security report for the customers. Some real-life cases from his experience as a pentester and bug-bounty hunter will be shared.

$ whoami

Security consultant at ZX Security. 11 years in penetration testing and I don’t know why I’m still doing this.

Father of 4… Oh why…

Previously a bug-bounty hunter with a good track record. Presented on bug bounty at several security conferences.

Tweet some random stupid stuff when feeling annoyed at something.