Yesterday I was exchanging some messages on Twitter – especially with Kymberlee Price (from BugCrowd) – about the relationship between vendors and security researchers when […]
Google Finance Reflected File Download
I found this vulnerability when auditing another client. With this RFD you don’t need to create a page to force the download. The request for this Google […]
Bing Reflected File Download
When using the Bing online translator I noticed an XHR request in my browser that caught my attention: http://www.bing.com/translator/LandingPage/GetDefinition?oncomplete=jQuery111207287312552798539_1444907172498&market=en&word=test&_=1444907172499 which was reflected on the screen: […]
201 event handlers supported by modern browsers
https://twitter.com/0x6D6172696F/status/680727929094041600
Wikiloc XXE vulnerability
For those who still don’t know Wikiloc: Wikiloc is a place to discover and share the best outdoor trails for hiking, cycling and many other […]
Companies that I’ve helped improve their security
Google, Yahoo!, eBay, Microsoft, Etsy, Nexmo, Weebly, Edmodo, HackerOne, Desk, Adobe, ArubaNetworks, Condé Nast, Linkedin, Acunetix, SendGrid, Rocky Bytes, DepositFiles, Workable, MailChimp, Prestashop, HP, Kaspersky, […]
Why do some vendors ignore RFD attacks?
Since I published my Reflected File Download Cheat Sheet I’m getting lots of private messages and emails from security researchers and bounty hunters telling me that […]
MailChimp Reflected File Download
When auditing a MailChimp client for Cobalt.io I noticed that this company suffers from a Reflected File Download vulnerability that could be exploited only by […]
Multiple vulns on mTouch Quiz WordPress plugin
Plugin link: https://wordpress.org/plugins/mtouch-quiz/
Active Installs: 5,000+
Version tested: 3.1.2
CVE Reference: Waiting
mTouch Quiz lets you add quizzes to your site. This plugin was designed […]