Apr 5, 2021

Contextual Content Discovery: You've forgotten about the API endpoints

Mar 18, 2021

H2C Smuggling in the Wild

Jan 13, 2021

A Glossary of Blind SSRF Chains

Sep 18, 2020

Finding Hidden Files and Folders on IIS using BigQuery

Sep 15, 2020

Hacking on Bug Bounties for Four Years

Jun 28, 2020

Taking over Azure DevOps Accounts with 1 Click

Feb 1, 2020

Expanding the Attack Surface: React Native Android Applications

Jul 17, 2019

Zoom Zero Day Followup: Getting the RCE

Apr 23, 2019

Getting access to Zendesk’s Google Cloud and Artifactory from GitHub dotfile repos

Mar 19, 2019

Discovering a zero day and getting code execution on Mozilla's AWS Network
Page 4 of 5