Blogs

How signing up for an account with an @company.com email can have unexpected results.

Dec 5, 2017
Something so simple can have unexpected results. It was a late evening and I was fed up of looking at Burp so I decided to just try some things manually on random programs. The result? I ended up with a P1 :) The site was pretty simple as it was similar...
Read more

h1-212 CTF Write-Up

Nov 20, 2017
Hackers, hack your way to NYC this December for h1-212! An engineer of https://t.co/xePbcEBVTR launched a new server for a new admin panel. He is completely confident that the server can’t be hacked, so he hid a flag. Details: https://t.co/WMRQ891idH
Read more

Exploiting a directory traversal on Yahoo acquisition!

Nov 14, 2017
Exploiting directory traversal to view customer credit card information on yahoos small business platform. To preface this article I’d like to give a huge shout out to Yahoo’s paranoids and everyone involved in their bug bounty program. Due to certain...
Read more