Hey!

I'm Sean, otherwise known as ensy or nsysean, a programmer and CTF player from Hong Kong. Learn more about me.

Get in Touch

Featured Posts

3 XSS Vulnerabilities discovered in SolidJS

February 19, 2025

A write up of some XSS vulnerabilities I found in SolidJS

Read Post

Universal LLM Instruction Leak

February 12, 2025

A blog about a (nearly) universal prompt which leaks LLM instructions

Read Post

DOMPurify 3.2.3 Bypass (Non-Default Config)

January 29, 2025

A write up of a bypass in DOMPurify 3.2.3 I found (CVE-2025-26791)

Read Post

View All Posts