A Glossary of Blind SSRF Chains · January 14, 2021

Finding Hidden Files and Folders on IIS using BigQuery · September 18, 2020

Hacking on Bug Bounties for Four Years · September 15, 2020

Expanding the Attack Surface: React Native Android Applications · February 1, 2020

Discovering a zero day and getting code execution on Mozilla's AWS Network · March 19, 2019

Gaining access to Uber's user data through AMPScript evaluation · January 14, 2019

High frequency security bug hunting: 120 days, 120 bugs · July 29, 2016

Using ngrok to proxy internal servers in restrictive environments · November 18, 2015 · security ngrok pentesting