Preface

I’ve seen some fantastic research done by Linus Särud and by Bo0oM on how Safari’s handling of special characters could be abused.

👨🏻‍💻 Introduction & Background:

This is a write-up of how I chained two vulnerabilities (an XSS and a CORS misconfiguration) that allowed me to steal contacts from a victim’s contact book. This data included: names,...

💻 Introduction:

This is a write-up of an SSRF I accidentally found in HackerTarget and leveraged to get access to internal services! Please note that they don’t have an active bug bounty program.

🤔...

🔎 Introduction & Background

        To get started, I’ll give a bit of backstory behind this. I found this bug back in January of 2017 and was one of the first reports I made to...

Recently, HackerOne hosted their second Hack The World competition. During this time I decided to take a look at Yahoo’s bug bounty program because I have heard good things about them and also due to...

H1-212 CTF Solution.pdf

PHP Code Injection in X-Cart.pdf

        Recently, while my friend Alyssa Herrera and I were collaborating on finding ffmpeg vulnerabilities in bug bounty programs, we came to learn that Bandcamp ran a bug bounty program. If you...

Multiple XSS and CSRF in Pulse Connect Secure v8.3R1.pdf

        Invision Power Board is a very popular paid forum software. I decided to audit it and initially found a few stored XSS vulnerabilities in the admin panel, all had a...