Very good article that I recommend you guys to read. This is part 1. http://blog.checkpoint.com/2015/08/04/wordpress-vulnerabilities-1/ Enjoy!
No parentheses allowed? location.hash is here
I came across a web application in a private bounty program that reflected my var – xss – with the following code: [code lang=”js”] var […]
Tiny XSS vector
I needed a small XSS vector that could fit in a variable with a 10 char limit on a private client to […]
Exploits start against flaw
[News] Exploits start against flaw that could hamstring huge swaths of Internet – http://t.co/u15KiTgFm0 — bugcrowd (@Bugcrowd) August 3, 2015
I’m number 1 on Cobalt.io
Just checked the Hall of Fame of Cobalt.io and I’m now number 1 in the ranking. Not bad for a Portuguese guy that started in […]
Desk.com Reflected Filename Download
Who is Desk.com? Salesforce Desk.com help desk software offers small businesses an all-in-one customer service software solution that will help keep customers happy and loyal. […]
Mixpanel gave me a cool T-shirt
When I help companies to fix security issues I do not ask anything in return. I came across a security issue on Mixpanel when auditing […]
It wasn’t me…
Some people say that it’s the price of fame but I don’t think it’s the case. Someone is using my name and reputation to contact […]