Skip to content

PortSwigger/splitting-the-email-atom

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
joomla
joomla
 
 
slides
slides
 
 
tools
tools
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

Splitting The Email Atom: Exploiting Parsers To Bypass Access Controls

Welcome to the repo. This repository contains all the materials for my talk "Splitting The Email Atom:Exploiting Parsers To Bypass Access Controls".

You can read about this research at:

https://portswigger.net/research/splitting-the-email-atom

The Joomla directory contains all the code to replicate the demo I presented live at Black Hat and DEFCON.

The tools directory contains all the tools I used for this research. Including the CSS exfiltrator, Hackvertor tags, PHP Punycode fuzzer, converter, SMTP fuzzing scripts and Turbo Intruder scripts.

Academy CTF challenge

We've created a CTF on the Web Security Academy so you can try out your new skills.

Slides

You can grab my slides from Black Hat/DEF CON.

Slides for NDC Manchester 2025

3D rooms portfolio

My personal website that I mention in the talk that has 3D rooms written with just HTML/CSS.

Online Hackvertor

The free web version of Hackvertor that help produce email splitting attacks.

Burp extensions

Turbo Intruder

Hackvertor

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

91 stars

Watchers

1 watching

Forks

8 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

Languages