Category: Security

All of my security related writing.

December 9, 2021

Don’t Reply: A Clever Phishing Method In Apple’s Mail App
June 17, 2019

Using Burp Suite match and replace settings to escalate your user privileges and find hidden features
October 9, 2018

Get as image function pulls any Insights/NRQL data from any New Relic account (IDOR)
January 2, 2018

Abusing internal API to achieve IDOR in New Relic
April 3, 2017

Inspect Element leads to Stripe Account Lockout Authentication Bypass
March 16, 2017

Penetrating PornHub – XSS vulns galore (plus a cool shirt!)
March 10, 2017

Discovering a stored XSS that affects over 900k websites (CVE-2016-9751)
March 9, 2017

Bypassing Apple’s iOS 10 Restrictions Settings – Twice