Pinned

My Year in Review — 2020

A Star is Born

As we collectively (and emphatically) usher in 2021, I can’t help but look back on 2020 in an effort to try and make sense of it all.

A young, naive d0nut unaware of the bullshit that’s about to come

2020, for me, was the year I was going to become…

Week 3: Real Talk on Real Numbers

A really fancy paint by numbers.. err, maybe it was a safari for finding different kinds of numbers?

In continuation of the philosophical and foundational nature of the book thus far, Chapter 3 opens with a discussion on kinds of numbers, our reliance on the appearance of some of them in nature and how that fueled their original derivation, and how we can rederive them without ties to…

Week 2

This week wasn’t about me.

I and millions of others were focused on the murder of George Floyd.

Black Lives Matter.

My progress will resume in the next update.

Published in d0nut reads

·May 27, 2020

Week 1: The Road to Reality

I love watching educational Youtube channels. It’s a great way to constantly keep myself exposed to science and technology. And this is nothing new: I’ve always been engrossed with STEM. Even at a young age, I was sure that I would become a scientist or an engineer, destined to discover…

Piercing the Veal: Short Stories to Read with Friends

Title respectfully inspired by Alyssa Herrera’s Piercing the Veil SSRF blog post

It’s been over a year and a half since I’ve started my bug bounty journey as a hacker. With years of experience triaging reports and working in security, I’ve seen a plethora of bug types, attack vectors, and exploitation techniques. …

Attacks on Applications of K-Anonymity — For the Rest of Us

Three weeks ago I saw a blog post by fellow bug hunter, Jack Cable. The post both inspired and challenged me. The attack vector presented was focused more on reduction in computational security than a binary outcome (e.g. XSS, which either fires or it doesn’t).

Jack’s article presents a theoretical…

Better Exfiltration via HTML Injection

This is a story about how I (re)discovered an exploitation technique and took a bug with fairly limited impact to a 5 digit bounty by bypassing existing mitigations.

A Curious Case of HTML Injection

André Baptista and Cache-Money were working on a very strange bug. It started off as a simple character-set bypass and through a…

5 Tips Bug Bounty Programs Want You to Know About

If you’re not aware, I joined Dropbox’s security team last September. Since then, I’ve become very involved in the bug bounty community on two fronts: both running a program and as a hacker in my spare time. …

Exfiltration via CSS Injection

Today’s topic is something that’s already pretty well covered: CSS injections. I wanted to talk about my experience implementing this attack on a real site. As you may have encountered, the situation in which you find a vulnerability may not be the pristine situation many vulnerabilities are originally described in…

Why Building a Sandbox in Pure Javascript is a Fool’s Errand

Hey all!

I was terribly excited to see all of my new followers on Medium and wanted to ensure I started giving a (near) constant supply of new reading material for everyone. …