Jan 13, 2021

A Glossary of Blind SSRF Chains

Sep 18, 2020

Finding Hidden Files and Folders on IIS using BigQuery

Sep 15, 2020

Hacking on Bug Bounties for Four Years

Jun 28, 2020

Taking over Azure DevOps Accounts with 1 Click

Feb 1, 2020

Expanding the Attack Surface: React Native Android Applications

Jul 17, 2019

Zoom Zero Day Followup: Getting the RCE

Apr 23, 2019

Getting access to Zendesk’s Google Cloud and Artifactory from GitHub dotfile repos

Mar 19, 2019

Discovering a zero day and getting code execution on Mozilla's AWS Network

Jan 14, 2019

Gaining access to Uber's user data through AMPScript evaluation
Page 4 of 4