Remediation Archeology — Finding and Decoding an Ancient XSS
One of my favorite pastimes in Bug Bounty is reviewing my ancient (read: 2 or 3 years old) vulnerability reports. I feel like I’ve come a…
Nov 18, 2022

Finding and Exploiting Unintended Functionality in Main Web App APIs
While hunting for bugs on Main Web Apps, I encounter tons of interesting APIs. Some are well secured, obscurely documented, and keep you in…
May 21, 2021

Journeys in Quoteless and Multi Reflection XSS
Cross Site Scripting is a tricky bug to fix, and bypasses for these fixes can be even trickier. While there are several ways to remediate…
Apr 4, 2021