Nov 2, 2021

Advisory: Sitecore RCE via Insecure Deserialization - CVE-2021-42237

Aug 29, 2021

Exploiting GraphQL

Apr 5, 2021

Contextual Content Discovery: You've forgotten about the API endpoints

Mar 18, 2021

H2C Smuggling in the Wild

Jan 13, 2021

A Glossary of Blind SSRF Chains

Sep 18, 2020

Finding Hidden Files and Folders on IIS using BigQuery

Sep 15, 2020

Hacking on Bug Bounties for Four Years

Jun 29, 2020

Taking over Azure DevOps Accounts with 1 Click

Feb 2, 2020

Expanding the Attack Surface: React Native Android Applications

Jul 17, 2019

Zoom Zero Day Followup: Getting the RCE
Page 4 of 5