research

Breaking International Voicemail Security via VVM Exploitation · October 19, 2014 · research voicemail vvm bruteforce

How I bypassed 2-Factor-Authentication on Google, Facebook, Yahoo, LinkedIn, and many others. · May 3, 2014 · research websec logicflaw

Accessing PayPal’s internal network - the critical nature of SSRF · January 14, 2014 · research websec ssrf

I found Prezi’s source code · December 2, 2013 · research websec bugbounty

Persistent XSS and HTML Injection in Google Feedburner · October 23, 2013 · research websec

"wont fix" Persistent XSS on eBay member pages · September 21, 2013 · research websec

CaptchaJacking - An Approach to Bypassing the Captcha · September 7, 2013 · research websec