Barrow's Popular Posts
This looks like it could be really handy if you're doing pentesting on premises. https://samy.pl/poisontap/ It grabs all sorts of useful data. Worth reading through.
This is a pretty fun read on using a polyglot JPEG to bypass CSP, leading to an XSS vuln. http://blog.portswigger.net/2016/12/bypassing-csp-using-polyglot-jpegs.html