Hey guys, for those who want to download my presentation at BSides Lisbon, you can do it right here. Also you can watch the 50min […]
OLX and Adobe full-disclosures on HackerOne
OLX Stored XSS: https://hackerone.com/reports/152069 Adobe Reflected XSS: https://hackerone.com/reports/50389 I asked for full disclosure of these reports so other users can learn something from them. The OLX […]
Small donation to Portuguese firefighters
This summer my country – Portugal – is being devastated by wildfires in mainland Portugal and the Madeira archipelago. More than 3000 firefighters made a huge […]
BSides Lisbon 2016
Guys I’ll be a speaker at BSides Lisbon 2016 with the talk – “The way of the bounty”. If you want to know some of […]
Latest work done
Just to give a small update on my work… I’ve been more active on my Twitter account so follow me to get the latest updates […]
Hey vendors, researchers are here to help
Yesterday I was exchanging some messages on Twitter – especially with Kymberlee Price (from BugCrowd) – about the relationship between vendors and security researchers when […]
Google Finance Reflected File Download
Found this vulnerability while auditing another client. With this RFD you don’t need to create a page to force the download. The request for this Google […]
Bing Reflected File Download
When using the Bing online translator I noticed an XHR request in my browser that caught my attention: http://www.bing.com/translator/LandingPage/GetDefinition?oncomplete=jQuery111207287312552798539_1444907172498&market=en&word=test&_=1444907172499 which reflected on the screen: […]
201 event handlers supported by modern browsers
https://twitter.com/0x6D6172696F/status/680727929094041600