Breaking International Voicemail Security via VVM Exploitation · October 19, 2014 · research voicemail vvm bruteforce

Guide to building the Tastic RFID Thief · June 22, 2014 · rfid hardware security

The deterioration of unmanaged bug bounties · May 30, 2014 · bugbounty rant

How I bypassed 2-Factor-Authentication on Google, Facebook, Yahoo, LinkedIn, and many others · May 3, 2014 · research websec logicflaw

Full Disclosure: Coinbase design allows for mass, targeted phishing of its users. · March 31, 2014 · websec logicflaw

Accessing PayPal’s internal network - the critical nature of SSRF · January 14, 2014 · research websec ssrf

I found Prezi’s source code · December 2, 2013 · research websec bugbounty

"wont fix" Persistent XSS on eBay member pages · September 21, 2013 · research websec