An Azure zero-day XSS with sandbox escapeChaining a command injection into a stored XSS that jumps from a compromised SaaS site to the Azure administrator through the Kudu console.
XSS explainedThe three ways to deliver a Cross-Site Scripting payload, the attack vectors that make it dangerous, and a short history of XSS in the wild.
Enumeration with sqlmapUsing sqlmap to enumerate databases through a SQL injection, what enumeration means in a pen test, and how the attack looks in the server logs.