Nov 18, 2022Remediation Archeology — Finding and Decoding an Ancient XSSOne of my favorite pastimes in Bug Bounty is reviewing my ancient (read: 2 or 3 years old) vulnerability reports. I feel like I’ve come a long way since then and can review old problems with a fresh perspective. One of these reports — an open redirect from June 2020…Xss Attack4 min readXss Attack4 min read
May 21, 2021Finding and Exploiting Unintended Functionality in Main Web App APIsWhile hunting for bugs on Main Web Apps, I encounter tons of interesting APIs. Some are well secured, obscurely documented, and keep you in your lane despite attempts to poke and prod. Others are surprisingly open and fully exposed via JavaScript files — making them much more interesting targets! …Bug Bounty10 min readBug Bounty10 min read
Apr 4, 2021Journeys in Quoteless and Multi Reflection XSSCross Site Scripting is a tricky bug to fix and bypasses for these fixes can be even trickier. While there are several ways to remediate or prevent XSS, I want to focus on HTML Entity Encoding and the contextual pitfalls that can occur with this method. 9 times out of…Bug Bounty3 min readBug Bounty3 min read
