Skip to content

Sam Curry

Web Application Security Researcher
  • Home
  • Blog
  • Contact

Month: August 2017

How I gained access to chef, docker, AWS, and MongoDB instances in a single request

August 2, 2017 samwcyo 2d Comments

The following article details the successful exploitation of a server sided request forgery vulnerability in Yahoo’s small business platform. If…

Continue Reading →

Recent Posts

  • Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty
  • Cracking my windshield and earning $10,000 on the Tesla Bug Bounty Program
  • Reading ASP secrets for $17,000

Archives

  • November 2019
  • July 2019
  • December 2018
  • July 2018
  • May 2018
  • November 2017
  • August 2017
  • June 2017
  • May 2017