Jon's Personal Blog
Author: Jon Bottarini
December 9, 2021
Don’t Reply: A Clever Phishing Method In Apple’s Mail App
June 17, 2019
Using Burp Suite match and replace settings to escalate your user privileges and find hidden features
October 9, 2018
Get as image function pulls any Insights/NRQL data from any New Relic account (IDOR)
January 2, 2018
Abusing internal API to achieve IDOR in New Relic
April 3, 2017
Inspect Element leads to Stripe Account Lockout Authentication Bypass
March 16, 2017
Penetrating PornHub – XSS vulns galore (plus a cool shirt!)
March 10, 2017
Discovering a stored XSS that affects over 900k websites (CVE-2016-9751)
March 9, 2017
Bypassing Apple’s iOS 10 Restrictions Settings – Twice