After a long day of trying and failing to find vulnerabilities on the Verizon Media bug bounty program I decided…
Ever since I was a kid I was never good at doing schoolwork. I had envied everyone that seemed to…
Over the last few years, usage of vulnerability disclosure and bug bounty programs have increased significantly. It is now almost…
As a preface, when I originally found this bug I was unfamiliar the class of “null byte buffer overflow” even…
One of the more interesting things I’ve had the opportunity to hack on is the Tesla Model 3. It has…
One of the more common vulnerabilities on ASP.NET applications is local file disclosure. If you’ve never developed or worked with…
One of the more challenging tasks in web app pentesting is approaching an application that has limited interaction. It’s very…
When I’m not doing bug bounty or studying for school I’ll often be playing Counter-Strike: Global Offensive or PLAYERUNKNOWN’S BATTLEGROUNDS. Both of…
To preface this article I’d like to give a huge shout out to Yahoo’s paranoids and everyone involved in their…
The following article details the successful exploitation of a server sided request forgery vulnerability in Yahoo’s small business platform. If…